Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Two networks on DHCP
  •  
Broker

Messages: 13
Karma: 0
Send a private message to this user
I have local network using 10.10.10.*. WinRoute is on 10.10.10.1. I've set DHCP and it works OK.

Now I need to connect few computers via Wireless but I want them in separate address mask so I choose 10.10.20.*. I have added another LAN adapter into WinRoute computer and gave it address 10.10.10.1, Acces poit addressed 10.10.10.2 is connected to that adapter and other computers are coming through AP.

I added new DHCP group to cover 10.10.20.* in WinRoute but it does not work. When they request DHCP it is not reachable. When I set address to remote computer it is connected and sees network as expected.

Is there something special to set or it won't work at all?

[Updated on: Wed, 25 August 2004 00:18]

  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
The second LAN network interface should have another address than the first LAN card. Replace the address of the second card with 10.10.20.1. Also replace the address of the AP with 10.10.20.2. Each segment (LAN) should have its own range of ip addresses.
To allow traffic between the LAN's add a rule:

name: internal traffic
source: LAN1, LAN2, Firewall
dest: LAN1, LAN2, Firewall
service: any
  •  
Broker

Messages: 13
Karma: 0
Send a private message to this user
I did exactly as you said, I mistyped addresses, probably it was quite late last night when I posted message.

Wireless is on 10.10.20.*, Lan adapter is 10.10.20.1, AP is 10.10.20.2, and when I use static addresses for other wireles computers they work ok in net, they are visible, they can see other computers on WLAN as well as LAN. But, when I set wireless computer to use DHCP it states there is no DHCP on net.

I tried similar thing but i set all in the same address range (10.10.10*), I did not use LAN cart for AP conection, but conected AP directly to switch with other computers and gave ti 10.10.10.101. Other wireless computers saw DHCP server and everything worked ok.

  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
Maybe a problem with KWF?
  •  
wiper

Messages: 112
Karma: -1
Send a private message to this user
what kinda stuff u have to support ur wireless net? if u have an router or similar u prolly have to configure that one to give u IP address not KWF, and dont forget dns forwarding. A router dosen't forwarding broadcast by default and can't broadcast 4 IP address outside ur wifi stuff... if thats ur case...

gl //Wiper
  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
I also have a AP in my LAN. It is configured as a bridge. The ip address of the AP is DHCP from KWF. The laptop also gets an ip address from DHCP KWF. All works fine for me but I do not use 2 LAN segments. The problem here seems to be DHCP services on a second LAN. Could you check the debug log. There should be entries like

[20/Aug/2004 19:17:30] Service "DHCP" started, bound to address 10.10.10.1
[20/Aug/2004 19:17:30] Service "DHCP" started, bound to address 10.10.20.1

If there is no entry for the second LAN, the DHCP server is nog listening to that LAN. You can add a temp rule to test DHCP:

name: test DHCP
source: interface connected to LAN2
dest: Firewall
service: DHCP/BOOTP
log: packets, connections

Check the filter log for entries.
  •  
Broker

Messages: 13
Karma: 0
Send a private message to this user
Thanks man. Your suggestion did not work but gave me a hint to a solution.

Indeed, all DHCP requests except for the first LAN were blocked.

I did not have DHCP service defined so I defined it as:

Name: DHCP
Protocol: UDP
Protocol inspector: none
Source port equal to: 68
Destination port equal to: 67
Description: DHCP

Then I added new traffic rule:

Name: DHCP
Source: any
Destination: any
Service: DHCP
Action: Allow

That works.


Destination could not be set to Firewall as you suggested because destination is usualy 255.255.255.255:67 when computer first asks for the DHCP.

I believe i could set destination to: Firewall, 255.255.255.255, but I suppose it is not security risk to allow DHCP request to any IP.


  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
Nice to hear its working.

I believe i could set destination to: Firewall, 255.255.255.255, but I suppose it is not security risk to allow DHCP request to any IP.

No I think not (no extra risk). You listen only to the LAN1 and LAN2 NICs, not to the internet NIC.
  •  
Broker

Messages: 13
Karma: 0
Send a private message to this user
Well, it did not work in whole. It worked for computer that renewed DHCP info but not for one which was just turned on. I had to alter setup a bit:

Name: DHCP
Protocol: UDP
Protocol inspector: none
Source port in range: from: 67 to: 68
Destination port in range: from: 67 to: 68
Description: DHCP

Then I added new traffic rule:

Name: DHCP
Source: any
Destination: 255.255.255.255, Firewall
Service: DHCP
Action: Allow


Now it works in all cases.
  •  
adrian

Messages: 9

Karma: 0
Send a private message to this user
HI,
I have the same problem in my network and i did the job but my network doesn't work well.
If you can please help me.
I have in my server 3 network adapters and i renamed:
10.0.0.2 Retea
x.x.x.x Internet (my public IP from ISP)
192.168.0.2 Retea1
10.10.10.2 Retea2
I want to use the DHCP server option from Kerio to distribute the IP addresess in every lan but this don't work only in my first lan (Retea)
My DHCP server work ok because i have looked in logs and it started on all interfaces.
DHCp server distribute the ip addreses conform with the dhcp rules for every network but the Internet don't work only in my first network!!!(Retea)
Please help me ( I think you have resolved this before)

Thanks a lot


  •  
Broker

Messages: 13
Karma: 0
Send a private message to this user
Check filter log or attempted connections from ports 67 and 68 and connections to ports 67 and 68.

If you set KWS as I stated above your rule should catch any DHCP connection and allow it. If not, it will end up cached by default rule or some other rule. That will help you investigate.

If you want your computer to repeat DHCP request, go to command prompt and type ipconfig /renew
  •  
adrian

Messages: 9

Karma: 0
Send a private message to this user
thanks for your reply, but i didn't solve my problem
I looked in my log (Debug) and i saw the following:
I don't now if my DHCP server distribute the ip address to the computers from this log? I looked either in filter log and i didn't saw something about my traffic rule.
Please help me because a lot of people is waitting for this reason!!!
Thanks.

name: dhcp
source: any
destination: 255.255.255.255
protocol: dhcp/bootp
log

][24/Sep/2004 14:24:38] {dhcp} DHCP address handler [Transaction ID 0x6678031]: found existing lease for chaddr 00-60-97-c5-bc-3d (leased address = 192.168.0.12)
[24/Sep/2004 14:24:38] {dhcp} DHCP lease handler: lease modified (192.168.0.12, lease time = 7 days 00:00:00, srd)
[24/Sep/2004 14:24:38] {dhcp} DHCP server [Transaction ID 0x6678031]: sending DHCPOFFER to 00-60-97-c5-bc-3d (dest ip = 255.255.255.255, offered address = 192.168.0.12)
[24/Sep/2004 14:24:38] {dhcp_opt} DHCP option handler [Transaction ID 0x6678031]: generated options >>>>>>>>>>
[24/Sep/2004 14:24:38] {dhcp_opt} DHCP option handler [Transaction ID 0x6678031]: 053 Message type : 2
[24/Sep/2004 14:24:38] {dhcp_opt} DHCP option handler [Transaction ID 0x6678031]: 054 Server identifier : 192.168.0.2
[24/Sep/2004 14:24:38] {dhcp_opt} DHCP option handler [Transaction ID 0x6678031]: 051 Lease time : 7 days 00:00:00
[24/Sep/2004 14:24:38] {dhcp_opt} DHCP option handler [Transaction ID 0x6678031]: 001 Subnet mask : 255.255.255.0
[24/Sep/2004 14:24:38] {dhcp_opt} DHCP option handler [Transaction ID 0x6678031]: 015 Domain name : bayern.ro
[24/Sep/2004 14:24:38] {dhcp_opt} DHCP option handler [Transaction ID 0x6678031]: 003 Default gateway : 192.168.0.2
[24/Sep/2004 14:24:38] {dhcp_opt} DHCP option handler [Transaction ID 0x6678031]: 006 DNS server : 192.168.0.2
[24/Sep/2004 14:24:38] {dhcp_opt} DHCP option handler [Transaction ID 0x6678031]: 255 DHO_END
[24/Sep/2004 14:24:38] {dhcp_opt} DHCP option handler [Transaction ID 0x6678031]: <<<<<<<<<< option dump end
Previous Topic: W2K Server + RRAS + LAN Application
Next Topic: Problem with NT authentification with 6.05 version
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Nov 22 19:40:17 CET 2017

Total time taken to generate the page: 0.00481 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.