Dual gateway question

PrincessFrosty

Supreme [H]ardness
Joined
May 6, 2009
Messages
5,905
We've got a really basic network at the workplace: a single-subnet network with 2 internet lines, a primary one and a backup one. We've had some instability on the primary line out of hours and wanted to set up my PC so I could remote desktop through the 2nd line on to my PC at work; from there I can reboot the first router.

Currently the primary router uses port forwarding (NAT) to direct traffic on the RDP port to my computer and this has always worked well. But when I do the same thing on the 2nd gateway I get no connection...

I'm assuming my PC at work simply doesn't know how to reply to that address back through the 2nd gateway, I even added a 2nd gateway address but no dice.

Is this even possible without setting a dedicated PC inside the network to have its primary gateway as the backup line?

Any input much appreciated!
 

PrincessFrosty

Supreme [H]ardness
Joined
May 6, 2009
Messages
5,905
OK, I've successfully switched an unused machine to have the 2nd line as its primary gateway; now it's port forwarding just fine. I would still like to know if the above setup is possible.
 

bigj2k1

Limp Gawd
Joined
Aug 19, 2005
Messages
339
Slightly confused, are you trying to set up 1 NIC with 2 gateways?

If you have 2 gateways, your computer needs 2 NICs and you can then set the 2nd internet connection gateway to port forward to your computer, which will still be plugged into network a) and allow you access to reboot your other router. Does that make sense?

This isn't the ideal way to set this up, however. What kind of gear are you using? We might be able to assist.

Also, don't confuse port forwarding and NAT. NAT = internal IP to external IP on same port. Port forwarding = external IP to internal IP on different port.
 

PrincessFrosty

Supreme [H]ardness
Joined
May 6, 2009
Messages
5,905
Yeah, 1 NIC with 2 gateways, I guess it's not possible? I was hoping that there were some fancy routing rules you could use if you were a wiz at something like static routes. If it helps, the PCs we're connecting from on the internet are static IPs.

The gear is not much more complicated than home routers, it's an SME.

Yeah, I wasn't really getting confused, I was just tinkering with set NAT rules for getting the packets back out the external PC with port forwarding rules for incoming traffic.

None of our PCs have dual NICs so will just stick with my original solution for now.
 

bigj2k1

Limp Gawd
Joined
Aug 19, 2005
Messages
339
Yeah, 1 NIC with 2 gateways, I guess it's not possible? I was hoping that there were some fancy routing rules you could use if you were a wiz at something like static routes. If it helps, the PCs we're connecting from on the internet are static IPs.

The gear is not much more complicated than home routers, it's an SME.

Yeah, I wasn't really getting confused, I was just tinkering with set NAT rules for getting the packets back out the external PC with port forwarding rules for incoming traffic.

None of our PCs have dual NICs so will just stick with my original solution for now.

Do both internet connections come into 1 router? If so you might be able to do some port forwarding and make it work.

What you might have happening is more than 1 service trying to come in on that port and it's responding wrong. You can try setting up port forwarding to go from say port 4444->3389 with the IP address of your computer on 1 gateway and then 3389->3389 on the other gateway.

Does that make sense?
 

thee_rook

[H]ard|Gawd
Joined
Aug 30, 2007
Messages
1,031
Do both internet connections come into 1 router? If so you might be able to do some port forwarding and make it work.

What you might have happening is more than 1 service trying to come in on that port and it's responding wrong. You can try setting up port forwarding to go from say port 4444->3389 with the IP address of your computer on 1 gateway and then 3389->3389 on the other gateway.

Does that make sense?

I think he is running 2 routers off of 2 different modems into 1 switch?
 

keenan

2[H]4U
Joined
Aug 5, 2009
Messages
2,695
$9.95 for a NIC = headache gone.

Probably won't work. The problem is that the PC is sending return traffic to its default gateway, which has no connectivity. That problem won't go away when you add a new NIC, it's how the IP stack is supposed to work.

You could add a static route for the remote IP (i.e. your home PC) to only go out the secondary gateway. If the IP is changing though, at least in Windows, there's not much else you can do other than what you've done and make all traffic go out the secondary. If you want to get fancy with it you could probably write a fairly simple script to ping out and then if the pings fail, change the default gateway. I can't think of any other simple solution other than getting a proper dual WAN setup with both WANs on the same router.
 

PrincessFrosty

Supreme [H]ardness
Joined
May 6, 2009
Messages
5,905
What you might have happening is more than 1 service trying to come in on that port and it's responding wrong. You can try setting up port forwarding to go from say port 4444->3389 with the IP address of your computer on 1 gateway and then 3389->3389 on the other gateway.

Nope, it's not contended. What we've done with RDP is change the port numbers it listens on with some of our PCs so we can use port forwarding to get in remotely to a number of PCs at the same time. The port forwarding is done keeping the internal/external ports the same in all cases.

I think he is running 2 routers off of 2 different modems into 1 switch?

Yes, 2 separate routers into the same physical network.

Again I think the return route is trying to go through the default gateway (you can add more than 1 gateway in Windows networking) but adding the 2nd doesn't help. I guess what is happening is the external PC trying to connect in is firing off the request from IP address A and seeing a response from IP address B.

This is why I ask about static routes. I'm sure you can force a static route to say if the traffic is going to this IP address then take a specific route through the network. Unfortunately my networking isn't really that good, I only know the basics. Was wondering if anyone had tried this before? It seems like it should be possible, after all the IP address of the external machine is known and is static (my home IP basically).
 

keenan

2[H]4U
Joined
Aug 5, 2009
Messages
2,695
This is why I ask about static routes. I'm sure you can force a static route to say if the traffic is going to this IP address then take a specific route through the network. Unfortunately my networking isn't really that good, I only know the basics. Was wondering if anyone had tried this before? It seems like it should be possible, after all the IP address of the external machine is known and is static (my home IP basically).

Yup. It'd look something like this on Windows:

Code:
route add <your home IP> mask 255.255.255.255 <internal IP of secondary router>

Make sure it works then add the -p flag to the command to make it persist through reboots. Obviously you need to do this on the office machine you're trying to connect to, not your home PC.
 

thee_rook

[H]ard|Gawd
Joined
Aug 30, 2007
Messages
1,031
Yes, all you need is 2 NICs to run 2 gateways at the same time. I am doing it now. Also, my primary connection is set as:
I.P. -192.168.1.239
Subnet: /24
Gateway: 192.168.2.1

You may also be able to do it via the alternate config page under your Internet Options -> Connections -> LAN Settings -> alternate. (XP)
I will try this in the morning.
 

PrincessFrosty

Supreme [H]ardness
Joined
May 6, 2009
Messages
5,905
Yup. It'd look something like this on Windows:

Code:
route add <your home IP> mask 255.255.255.255 <internal IP of secondary router>

Make sure it works then add the -p flag to the command to make it persist through reboots. Obviously you need to do this on the office machine you're trying to connect to, not your home PC.

I'm going to try this when I have a spare moment, thanks :)

*edit*

Yes this works!

Still, I've just realised it's one or the other; you can't have both at the same time. Obviously this stops you from logging in from the primary line. So to seamlessly get both you'd probably need 2 NICs or 2 PCs, which is how I have it set up now. Actually it doesn't really matter that much since you can chain RDC through PCs with minimal lag, so you can still get to where you need once you're in.

Thanks for your help keenan.
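
Added example, not part of any post in this thread: a small Python model of the office PC's route lookup, showing why the reply to a connection arriving through the backup router leaves via the default gateway, and why the /32 host route makes access "one or the other". All addresses are constructed from documentation ranges, and the rule that the reply must leave through the router it arrived on is the model's assumption about the NAT routers.

```python
import ipaddress

# Constructed addresses (documentation ranges), not taken from the thread.
HOME = "192.0.2.50"  # static IP of the remote (home) machine
GATEWAYS = {  # internal router IP -> public IP that router's NAT presents
    "192.168.1.1": "203.0.113.10",   # primary line
    "192.168.1.2": "198.51.100.20",  # backup line
}
# Routing tables of the office PC: (destination network, next hop).
DEFAULT_ONLY = [("0.0.0.0/0", "192.168.1.1")]
WITH_HOST_ROUTE = DEFAULT_ONLY + [(HOME + "/32", "192.168.1.2")]


def next_hop(routes, dest):
    """Longest-prefix match: the most specific route containing dest wins."""
    dest = ipaddress.ip_address(dest)
    matches = [(ipaddress.ip_network(net), gw) for net, gw in routes
               if dest in ipaddress.ip_network(net)]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def rdp_reply_accepted(routes, client, inbound_gw):
    """True if the reply leaves through the router the connection came in on.

    Assumption of this model: the client connected to GATEWAYS[inbound_gw]
    and only accepts replies from that public IP. A reply sent out the other
    router has no port-forward state there and would carry a different
    public source address, so the connection never completes.
    """
    outbound_gw = next_hop(routes, client)
    return GATEWAYS[outbound_gw] == GATEWAYS[inbound_gw]


def summarize(routes):
    """Map each inbound router to whether RDP from HOME works through it."""
    return {gw: rdp_reply_accepted(routes, HOME, gw) for gw in GATEWAYS}


if __name__ == "__main__":
    print("default gateway only:", summarize(DEFAULT_ONLY))
    print("with /32 host route :", summarize(WITH_HOST_ROUTE))
```

Only traffic to the home IP is moved by the host route; every other destination still follows the default route through the primary router.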
 