dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
7209
IPFW
Premium Member
join:2004-03-10
Yorkville, IL
Ubiquiti EdgeRouter PoE
Ubiquiti UniFi UAP-AC-PRO
Ubiquiti UniFi AP-LR

IPFW

Premium Member

Windows Vista file sharing across 2 local subnets.

I have 2 Vista boxes running behind a nat router. My setup looks like the following; I have a wired box on 192.168.0.1 subnet and I have a wireless box on the 192.168.2.1 subnet.

They both have full unfiltered access to eachother. I googled the procedure and the recommended services needed to be started for sharing to be enabled. Everything looks good but I can't see the public shares of either Vista box from the other. Only when browsing thru the local machine under the network sharing window.

They are both on the same Workgroup. They can access eachother with 'ping' and can access the internet. Everything looks good as far as I'm concerned.

Does anyone have any tips or any things that I should look at? I'm thinking that it may have something to do with the routing on the Nat router but I'm not sure what to look for to determine that. If it helps any, I'm running OpenBSD as the router.

cacroll
Eventually, Prozac becomes normal
Premium Member
join:2002-07-25
Martinez, CA

1 edit

1 recommendation

cacroll

Premium Member

said by IPFW:

I have 2 Vista boxes running behind a nat router. My setup looks like the following; I have a wired box on 192.168.0.1 subnet and I have a wireless box on the 192.168.2.1 subnet.

They both have full unfiltered access to eachother. I googled the procedure and the recommended services needed to be started for sharing to be enabled. Everything looks good but I can't see the public shares of either Vista box from the other. Only when browsing thru the local machine under the network sharing window.

They are both on the same Workgroup. They can access eachother with 'ping' and can access the internet.


With Windows using IP networking (the default and by far most common protocol), and with the 2 computers on different subnets, you shouldn't expect the 2 computers to see each other.
»networking.nitecruzr.net ··· ing.html

With the workgroup spread over 2 subnets, you'll have a segmented workgroup, and 2 separate broadcast domains. Each computer will be a master browser, and neither will be able to see the other.
»nitecruzr.blogspot.com/2 ··· ets.html

Matt3
All noise, no signal.
Premium Member
join:2003-07-20
Jamestown, NC

Matt3

Premium Member

Great info cacroll See Profile. I did not know that and I would have assumed since they could ping each other, Windows would be able to share files between them. What an excellent tidbit of knowledge to keep in the back of my head.
CB0
join:2008-05-02
Goshen, NY

3 edits

CB0 to IPFW

Member

to IPFW
said by IPFW:

I have 2 Vista boxes running behind a nat router. My setup looks like the following; I have a wired box on 192.168.0.1 subnet and I have a wireless box on the 192.168.2.1 subnet.

They both have full unfiltered access to each other. I googled the procedure and the recommended services needed to be started for sharing to be enabled. Everything looks good but I can't see the public shares of either Vista box from the other. Only when browsing through the local machine under the network sharing window.

They are both on the same Workgroup. They can access each other with 'ping' and can access the internet. Everything looks good as far as I'm concerned.

Does anyone have any tips or any things that I should look at? I'm thinking that it may have something to do with the routing on the Nat router but I'm not sure what to look for to determine that. If it helps any, I'm running OpenBSD as the router.
OK...your problem is due to a couple of things. One being the fact that broadcasts do not route. That's the main purpose of a router. To separate collision and broadcast domains. Think of a broadcast domain as a segment where only machines within that segment communicate their existence to other machines within the same segment. For example...broadcasts for a second subnet for example of 192.168.1.x computers will not go out to the the 192.168.0.x subnet. Same goes for the 192.168.0.x subnet. Broadcasts will only be sent to devices within that subnet. So say for example on the second router you have your WAN IP set to 192.168.0.254 with a subnet mask of 255.255.255.0 and a default gateway of 192.168.0.1, the broadcasts from all machines on the 192.168.0.x network will reach 192.168.0.254 however due to the nature of the router, once it reaches here, it will get dropped...why? This is because the router doesn't have recall any machines on the second subnet requesting that broadcast. This can cause a major problem for file sharing as you can only browse upstream and you can only do so with IP addresses not names. What I mean by that is that you can't access the 192.168.1.x subnet and further subnets down from the 192.168.0.x...at least not without the use of a VPN (Virtual Private Network). I think if you have Windows Server 2003 you might be able to setup a WINS server and configure your routers to use that to browse using NetBIOS names. Not sure how it's setup though. I know I sound smart but I don't know everything. Another problem you have is NAT...you're using one WAN IP address to account for all the requests coming behind the second router. That can cause a headache sometimes. The only thing you have to worry about is that if you're going to do double NAT you have to double port forward. For example...port forward requests from one router to the WAN IP of the second. Then port forward from that router to a WAN IP of a router connected to that router...or in your case the LAN IP of the machine behind the second router. Now...as far as File Sharing goes there's a couple of things you could do.

1. Setup a DMZ on the second router to point to the IP address of the computer you wish to access. This will setup all of the ports to be open. With this method, by using the WAN IP of your second router you can access that one you specified in DMZ by IP address. One thing with this...you might have to set your XP firewall to accept requests on all of the File and Printer Sharing ports from all subnets.

2. Drop the second router totally and replace it with a switch or just connect a wire straight from the PC to the one router. They will be on the same broadcast domain and will be able to access each other perfectly fine since the computer will get a IP within the same broadcast domain as your other computer.

3. Connect the cable to the LAN port on the second router instead of the WAN port and configure what was the WAN IP of the second router as the LAN IP instead. Now the router will act as a switch and the router will be part of the same broadcast domain.

Also not that you're looking to do this but I figured I'd mention this. If you wanted to create totally independent subnets you could do so with three routers. One would be the gateway router which is connected to the modem. Then you would have to router go branch off the LAN ports on that router to the WAN ports of the other two. With this method you can prevent access to the second routers subnet from the third and vice versa. Also any computers on the gateway router would not be able to access anything on the other two. This could be useful if you had two subnets that you that shared one common server for file sharing or mapped network drives. So you could attach a server to the first router and any routers with a WAN IP of the gateway router would work. Still have the problem of not being able to browse by NetBIOS name but it's just a idea or concept. Although a server is not required for this setup to work and I've tested it myself and it works like a charm.

Hope this helps you out and if you're confused about anything let me know so I can clarify for you.

EDIT: Added more information.

cacroll
Eventually, Prozac becomes normal
Premium Member
join:2002-07-25
Martinez, CA

cacroll to Matt3

Premium Member

to Matt3
said by Matt3:

Great info cacroll See Profile. I did not know that and I would have assumed since they could ping each other, Windows would be able to share files between them. What an excellent tidbit of knowledge to keep in the back of my head.


Thanks for the feedback, Matt. Windows Networking is full of oddities like the browser (and how many times I have to tell someone "No, I'm not discussing Internet Explorer here, and yes this is a problem even if you have Internet service."), NetBT, and SMBs.