Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
IPO gateway addresses for LAN1 & LAN2 (WAN) 3
- Thread starter testman1
- Start date
- Thread starter
- #3
amriddle01
Programmer
Yes, the "Help" file in that window will tell you all you need to know, it's very easy 
-
1
- #5
amriddle01
Programmer
The system like any device can't have 2 default gateways, it can route all or certain ranges out one interface or the other, but only one can be the default for all unknown traffic
- Thread starter
- #7
This is my existing configuration:
I would like all unknown traffic to go out on LAN2. LAN2 has a static ip address connected directly to the Internet. (I am only using the 192.168.20.0 network as a stand-in for my question).
The IPO static ip address for LAN1 is 192.168.10.2
The IPO static ip address for LAN1 is 192.168.20.2
ip route:
ip address: 0.0.0.0
subnet: 0.0.0.0
Gateway ip address: 192.168.20.1
Destination: LAN2
Metric: 0
Under this setup everything works fine except when I use a VPN connection from a remote laptop to connect to the 192.168.10.0 network, I can't ping from the VPN connected laptop to the IPO LAN1 ip address (192.168.10.2). I get no reply.
The whole reason for this is I would like to use a IPO SIP Softphone on the remote laptop, but since I can't ping the IPO LAN1 ip address (192.168.10.2) I can't get it to work.
The only reason I have the LAN2 connected to the Internet is so that I can have a 9608 H.323 telephone connect to the IPO without going through a router; this works great.
Any help would be greatly appreciated...
I would like all unknown traffic to go out on LAN2. LAN2 has a static ip address connected directly to the Internet. (I am only using the 192.168.20.0 network as a stand-in for my question).
The IPO static ip address for LAN1 is 192.168.10.2
The IPO static ip address for LAN1 is 192.168.20.2
ip route:
ip address: 0.0.0.0
subnet: 0.0.0.0
Gateway ip address: 192.168.20.1
Destination: LAN2
Metric: 0
Under this setup everything works fine except when I use a VPN connection from a remote laptop to connect to the 192.168.10.0 network, I can't ping from the VPN connected laptop to the IPO LAN1 ip address (192.168.10.2). I get no reply.
The whole reason for this is I would like to use a IPO SIP Softphone on the remote laptop, but since I can't ping the IPO LAN1 ip address (192.168.10.2) I can't get it to work.
The only reason I have the LAN2 connected to the Internet is so that I can have a 9608 H.323 telephone connect to the IPO without going through a router; this works great.
Any help would be greatly appreciated...
amriddle01
Programmer
The gateway address should be the next hop out from the system, not the systems own address (it already knows this), so it's usually the ISP's router address
amriddle01
Programmer
Ps don't leave it on the internet directly, it may seem like a good idea or the only way round an issue, but it WILL be port scanned and then subsequently hacked....seriously, it will
- Thread starter
- #10
I was hacked with SIP so I shutdown SIP on the LAN2(WAN). It was just a stupid password mistake on my part.
All that being said, non of this is a good idea, but I just can't get SIP to work through a VPN.
When I shutdown the LAN2(WAN) and just use the internal LAN1 I can then get the SIP softphone to work through the VPN, except the audio doesn't work.
This is tough stuff...
All that being said, non of this is a good idea, but I just can't get SIP to work through a VPN.
When I shutdown the LAN2(WAN) and just use the internal LAN1 I can then get the SIP softphone to work through the VPN, except the audio doesn't work.
This is tough stuff...
-
1
- #11
amriddle01
Programmer
No audio is the routers blocking/changing the SIP ports, don't let it open yourself up to hacking again, for example all they need to do is connect phone manager, then they have the user list. Then they just need to guess user passwords (if you even have any set) and then they can call anyone and transfer anywhere or forward the user wherever they like, it's not worth it. It will cost you less to buy decent routers than pay for the bill they will rack up
-
1
- #12
your VPN might have a different IP range then 192.168.10.x
so make sure that you point the VPN range to the proper LAN1 gateway. Assuming 192.168.30.x is your VPN range that gets assigned then the IP route would be
192.168.30.0
mask 255.255.255.0
192.168.10.1
LAN1
this way all traffic for the VPN range will get sent out over the LAN1 gateway and not the LAN2 gateway
if this doesn't work right away reboot the system as I have noticed that sometimes the IP routes do not work properly until rebooted (sucks and is not in the manual that I can tell but true)
But if that is not working then your router is probably no good like amriddle01 mentioned
Joe W.
TeleTechs.ca
FHandw, ACSS (SME), ACIS (SME)
“This is the end of the world, make sure to buy your T-shirt before it is too late"
Original expression of my daughter
so make sure that you point the VPN range to the proper LAN1 gateway. Assuming 192.168.30.x is your VPN range that gets assigned then the IP route would be
192.168.30.0
mask 255.255.255.0
192.168.10.1
LAN1
this way all traffic for the VPN range will get sent out over the LAN1 gateway and not the LAN2 gateway
if this doesn't work right away reboot the system as I have noticed that sometimes the IP routes do not work properly until rebooted (sucks and is not in the manual that I can tell but true)
But if that is not working then your router is probably no good like amriddle01 mentioned
Joe W.
TeleTechs.ca
FHandw, ACSS (SME), ACIS (SME)
“This is the end of the world, make sure to buy your T-shirt before it is too late"
Original expression of my daughter
- Thread starter
- #13
- Status
Similar threads
- Locked
- Question
