D-Link VPN Router > DSR-250N

Can't get DHCP Relay to work on a DSR-250N router.

<< < (2/2)

AD227529:
I got it to work at another of our remote locations.  DHCP Relay works fine at another location, just not at the location where I was doing the initial testing of the router.  I think it might be an issue with the AT&T router at the site where I was testing.  Works fine now, but I still have a small issue.  I cannot ping any computers on the LAN side of the router.  I can ping the outside IP address (which is 192.168.11.16) but I cannot ping the inside IP address (10.1.16.1) or any computers that are on the LAN side of the router.  What would be causing this?  Anything I need to check on the router's configuration settings?  Remote management is turned on on the router, and I can ping the WAN side from remote locations just fine, just not the LAN addresses (the 10.1.16.X subnet on the LAN doesn't respond to pings, and I cannot RDP to any of the computers on the LAN side of the router.

FurryNutz:
So what resolved this? You didn't mention how you got it working...

Not sure about pinging across two different sub nets...

AD227529:
Not sure what got the DHCP Relay to work, other than taking it to another one of our remote offices and testing it there.  Didn't work at one location, but worked fine at another.  The only thing I can figure is it was something to do with a setting in the AT&T router at the location.  It is working fine at the current location, and DHCP Relay is allowing PCs on the LAN to get addresses from the DHCP server at our main office.  Only problem now is that I can't ping the LAN side of the router, or Remote Desktop to any of the PCs on the LAN side.  I can ping the WAN side of the router just fine, and can even remotely access the GUI of the router if I use the WAN address (192.168.11.16), but if I ping or remote to the LAN address of the router (10.1.16.1) I get nothing.  Can't understand it.  Routing mode is set to Classical Routing, and there are not firewall rules on the router.  What would be blocking this?

PacketTracer:
Hi again,

here are the facts (partially copied from your statements), I've understood so far:


* We have a headquarters at city hall, with several branch offices throughout the city.
* Our layer 3 switch can route between subnets at city hall and our remote offices.
* Our Internet connection is also through this layer 3 switch at city hall.
* Our remote offices all connect back to this layer 3 switch.
* I think it might be an issue with the AT&T router at the site where I was testing.
* There is some backbone network 192.168.11.0/24 that connects all WAN interfaces of the DSRs (using 192.168.11.X where X is a branch office counter) with the SVI (having addess 192.168.11.1) at the central VRF within the central L3 switch.
* Any branch office X consists of a single LAN (using network 10.1.X.0/24) directly attached to the branch's DSR.
* The headquarter's LAN 10.1.2.0/24 is directly connected to the central VRF. It comtains the combined DHCP/DNS server (10.1.2.2).
Questions:


* How are branch offices and headquarter connected to each other? Do you have some MAN availabe (fiber across the town)? Or do you use IPsec site to site VPN connections across the Internet?
* What role does the  AT&T router at branch 17 play and how does it interact with that site's DSR?
* If IPsec tunnels are in use, does any site's AT&T router (given the same hardware equipement at any branch office) terminate the VPN tunnel (forming the IPsec gatway)?  And is any site's DSR connected (via its WAN interface) to the LAN side of the local AT&T router?. Or does any branch's DSR behind an AT&T router form the VPN gateway? Do you use a split tunnel configuration within IPsec VPN gateways? E.g. for branch office's clients to use the site's internet connection directly that way bypassing the VPN tunnel to the headquarter?
Many facts unclear, all of them might have an impact on the problems you encounter ...

PT

Navigation

[0] Message Index

[*] Previous page

Go to full version