DHCP Help

[dzonidev]

I have two switches. One is where all my main computers are hooked up, and then the other switch (this Cisco one) is where the servers are. I want the main computers to be able to see the shared drive that I have on my active directory. I also want the server to be able to see my nas, which is on the other switch.

 

Well just connect the two switches. If they are on the same subnet, there shouldn't be any issues. Is the other switch (main computers) managed?

[Penny5837]

edit: people beat me to it!

You don't "need" to set up ssh, but you can do this if you want, it's always a good practice. 3560 is actually a pretty good switch, very well rounded and has most features you would want out of a layer 3 switch (ios dependent of course). You seem to be getting some great help here but your initial question remains unanswered.

To set up a dhcp server first exclude any addresses you do not want dhcp handing out.

R1(config)#ip dhcp excluded-address 192.168.0.1 192.168.0.10 (the address range you want excluded from dhcp, you can add in as many as you want)

Then we create a dhcp pool, name of your choice, that hands out the ip address of the default gateway, dns server and an ip address to be used.

R1(config)#ip dhcp pool MYPOOL (you can replace MYPOOL with whatever you want, or leave it as is)

R1(dhcp-config)#network 192.168.0.0 255.255.255.0

R1(dhcp-config)#default-router 192.168.0.1

R1(dhcp-config)#dns-server 8.8.8.8 8.8.4.4

And that is pretty much it, if you want to cheat here are the commands you can copy and paste into the ios cli. Just ensure you have the correct addresses for your environment.

conf t

ip dhcp excluded-address 192.168.0.1 192.168.0.10

!

ip dhcp pool MYPOOL

network 192.168.0.0 255.255.255.0

default-router 192.168.0.1

dns-server 8.8.8.8 8.8.4.4

If you need any help with any other configuration of your switch, just post here or search for ios configuration guide for the technology you are looking to set up. Cisco has everything very well documented in easy to follow guides that are free for everyone to use. Goodluck.

Sorry, I don't need dhcp anymore, but thank you for trying. If you look at some of the things that I posted earlier you'll see what I need it for now. Thank you again for trying.

[Penny5837]

Well just connect the two switches. If they are on the same subnet, there shouldn't be any issues. Is the other switch (main computers) managed?

Okay, so the internet comes in from my modem into my router. The router goes to the switch and the Ethernet ports in the house. One of the ports connects to my WiFi router and that router has my computer, the nas and all other clients on it. The computers that are directly connected to the Ethernet can see my server and vice versa. The computers that are on the WiFi router cannot, but can ping the server and retrieve info from them, just not able to see them on windows explorer.

[Penny5837]

Okay, so the internet comes in from my modem into my router. The router goes to the switch and the Ethernet ports in the house. One of the ports connects to my WiFi router and that router has my computer, the nas and all other clients on it. The computers that are directly connected to the Ethernet can see my server and vice versa. The computers that are on the WiFi router cannot, but can ping the server and retrieve info from them, just not able to see them on windows explorer.

I think the problem might be my WiFi router, but I have no idea.

[dzonidev]

I think the problem might be my WiFi router, but I have no idea.

 

I think the issue is the router. Also as a suggestion I recommend running everything off of the Catalyst to simplify things. If physically possible of course.

[Penny5837]

I think the issue is the router. Also as a suggestion I recommend running everything off of the Catalyst to simplify things. If physically possible.

I can run it, but I have speeds from my ISP that are higher than the switch supports, so I have the router, doing gigabit. I really don't want to limit my speed, because then I'm paying for something I can't use.

[dzonidev]

I can run it, but I have speeds from my ISP that are higher than the switch supports, so I have the router, doing gigabit. I really don't want to limit my speed, because then I'm paying for something I can't use.

 

Well that changes things. Try rebooting the WiFi router. And check your sharing settings on WiFi devices.

[Penny5837]

Well that changes things. Try rebooting the WiFi router. And check your sharing settings on WiFi devices.

Well if it helps any the nas and my computer are hooked via Ethernet.

[Penny5837]

Okay I got it to work, and I updated the IOS, now all I have to do is get the WiFi router to work. Also, earlier (I don't know when) I was able to access the WiFi router's web page on any device, now I can't, unless its a device on the WiFi Router. Dose anyone know how to fix this?

[Penny5837]

Well that changes things. Try rebooting the WiFi router. And check your sharing settings on WiFi devices.

Alright, so I found all the settings and enabled all of it, sadly it still isn't working.

If you want to see the settings I enabled here's a picture:

 

[Penny5837]

This is what it's showing on the WiFi router.

 

 

This is what its showing on the switch

 

 

 

The first picture should have those computers showing, and the second should show everything from the first picture. Note, these are two different machines on two different switches.

[brwainer]

Alright, so I found all the settings and enabled all of it, sadly it still isn't working.

If you want to see the settings I enabled here's a picture:

Router.PNG

So, just to double check, on the "WIFI Router", have you set that to work only in AP mode, or alternatively disabled it's builtin DHCP and connected it to the rest of the network by using a LAN port instead of a WAN port? Your symptoms so far sound to me like the Asus device is isolating everything downstream of it (on Wifi) from everything upstream of it by setting up a second NAT layer.

[dzonidev]

-snip-

 

First of all, check @brwainer's post. Because if the WiFi router is not on the same subnet and it's doing NAT, that's likely the issue. Second, if your Asus router is on the same subnet and it's not routing, just serving as an AP. Try pinging the network devices with their NETBIOS names. If you can resolve them and can reach them, try accessing them manually with Windows Explorer.

 

Also it would be good to make a basic logical diagram of your network (Include IP addreses), that way we can assist you as best as we can.

[Penny5837]

So, just to double check, on the "WIFI Router", have you set that to work only in AP mode, or alternatively disabled it's builtin DHCP and connected it to the rest of the network by using a LAN port instead of a WAN port? Your symptoms so far sound to me like the Asus device is isolating everything downstream of it (on Wifi) from everything upstream of it by setting up a second NAT layer.

No I have not. I have it set to "Wireless router mode" and the dhcp is on. What's the difference between the WAN and the LAN? And it probably is the Asus, I just have no idea what's wrong, because in my mind I've configured everything that I think would make it work.

[Penny5837]

Also it would be good to make a basic logical diagram of your network (Include IP addreses), that way we can assist you as best as we can.

Alright, I'll work on that.

[Penny5837]

No I have not. I have it set to "Wireless router mode" and the dhcp is on. What's the difference between the WAN and the LAN? And it probably is the Asus, I just have no idea what's wrong, because in my mind I've configured everything that I think would make it work.

Also on the WAN settings on my WiFi router let me portforward. If I was to disable the WAN would I lose this functionality?

Also, if I want to portforward a device on the network, I have to portforward it on both routers.

[Penny5837]

Here are the settings if you are wondering.

[brwainer]

What is happening here is that you have two layers of NAT (Network Address Translation) on top of each other, making two networks. First you have the internet, the true WAN (Wide area network). Then you have the old router that you say is doing DHCP, and is doing the first laye rof NAT between the WAN IP it has, and the LAN IPs it is giving out. Next you have the Asus router doing the exact same thing - it is treating the LAN of the firstrouter as if it was the internet, and creating it's own LAN inside of that, with it's own DHCP. This is what "wireless router mode" means - treat the WAN connection as the big scary outside internet, and protect my precious little LAN. When you use the port forwarding in this mode on the Asus, it would only forward packets from the house network (the LAN of the other router) to devices inside it's own LAN. To forward ports from the internet, you have to do it on the router connected to the internet. While you CAN make this work with enough jiggering and port forwarding and maybe even a VPN to tunnel back up to the house LAN, it's not a good idea for performance or ease of use to have two layers of NAT. (There are legitimate reasons to use two layers of NAT, to somewhat isolate an inside network, for example, but even then the same goals can usually be achieved by some other network design)

There's basically two options to make this a single cohesive IP network. Either remove the old router and have the Asus do everything, or set the Asus to work as an AP. Being an Access Point means that you lose all functionality related to the firewall and NAT of the router in question, because it will just translate data from the wireless clients onto the attached wired network and vice versa. There are two equally valid ways to make the Asus into an AP. the first is to change it's setting to AP mode, and be done with it. The other way is to leave that mode setting as-is, and merely disable DHCP on the Asus, and then move the wire connecting the Asus to the rest of the network from the WAN port to the LAN port. I prefer (and use on two different routers) the second approach, becuase then the router is still mostly in it's normal configuration, and you can use it as a backup router just by fixing the wiring and enabling the DHCP or having something else on the network do DHCP.

[Penny5837]

What is happening here is that you have two layers of NAT (Network Address Translation) on top of each other, making two networks. First you have the internet, the true WAN (Wide area network). Then you have the old router that you say is doing DHCP, and is doing the first laye rof NAT between the WAN IP it has, and the LAN IPs it is giving out. Next you have the Asus router doing the exact same thing - it is treating the LAN of the firstrouter as if it was the internet, and creating it's own LAN inside of that, with it's own DHCP. This is what "wireless router mode" means - treat the WAN connection as the big scary outside internet, and protect my precious little LAN. When you use the port forwarding in this mode on the Asus, it would only forward packets from the house network (the LAN of the other router) to devices inside it's own LAN. To forward ports from the internet, you have to do it on the router connected to the internet. While you CAN make this work with enough jiggering and port forwarding and maybe even a VPN to tunnel back up to the house LAN, it's not a good idea for performance or ease of use to have two layers of NAT. (There are legitimate reasons to use two layers of NAT, to somewhat isolate an inside network, for example, but even then the same goals can usually be achieved by some other network design)

There's basically two options to make this a single cohesive IP network. Either remove the old router and have the Asus do everything, or set the Asus to work as an AP. Being an Access Point means that you lose all functionality related to the firewall and NAT of the router in question, because it will just translate data from the wireless clients onto the attached wired network and vice versa. There are two equally valid ways to make the Asus into an AP. the first is to change it's setting to AP mode, and be done with it. The other way is to leave that mode setting as-is, and merely disable DHCP on the Asus, and then move the wire connecting the Asus to the rest of the network from the WAN port to the LAN port. I prefer (and use on two different routers) the second approach, becuase then the router is still mostly in it's normal configuration, and you can use it as a backup router just by fixing the wiring and enabling the DHCP or having something else on the network do DHCP.

Alright, sounds good. Thank you so much for you help, sadly I'm at school right now, so I can't work on it right now, but as soon as I get home, I will do the second option.

[brwainer]

Alright, sounds good. Thank you so much for you help, sadly I'm at school right now, so I can't work on it right now, but as soon as I get home, I will do the second option.

Alright, good luck, let us know how it goes

[Penny5837]

Alright, good luck, let us know how it goes

Alright, alright, it actually worked. Thanks man. With better networking comes better speed, am I right? http://www.speedtest.net/my-result/4618919734   I pay for 150 and this is what I get lol. Alright, the only problem that I have now is that for some reason I can get to the webpage of my WiFi router now, but it's no big deal, because I shouldn't have to mess with it any way. I'd just prefer to be able to connect to it.

[brwainer]

Alright, alright, it actually worked. Thanks man. With better networking comes better speed, am I right? http://www.speedtest.net/my-result/4618919734   I pay for 150 and this is what I get lol. Alright, the only problem that I have now is that for some reason I can get to the webpage of my WiFi router now, but it's no big deal, because I shouldn't have to mess with it any way. I'd just prefer to be able to connect to it.

What you have to do is set the IP address of the wifi router, the internal one that probably defaulted to 192.168.1.1 or something like that, to be inside the IP subnet of the other router, (but not within the range it gives out for DHCP!) So for example for my setup, I have the router running DHCP with an IP address of 192.168.1.1, then my managed swtich at 192.168.1.2, and then my second router running as an AP as I described above at 192.168.1.3. the router running DHCP only gives out the IP addresses 50-200, so .3 is a safe IP to set statically in my network. And note for the future, the device running DHCP doesn't have to be at .1, and neither does the gateway to the internet (the device with the WAN IP) - you just have to make sure that the DHCP server is always telling clients where their default gateway actually should be.

[Penny5837]

What you have to do is set the IP address of the wifi router, the internal one that probably defaulted to 192.168.1.1 or something like that, to be inside the IP subnet of the other router, (but not within the range it gives out for DHCP!) So for example for my setup, I have the router running DHCP with an IP address of 192.168.1.1, then my managed swtich at 192.168.1.2, and then my second router running as an AP as I described above at 192.168.1.3. the router running DHCP only gives out the IP addresses 50-200, so .3 is a safe IP to set statically in my network. And note for the future, the device running DHCP doesn't have to be at .1, and neither does the gateway to the internet (the device with the WAN IP) - you just have to make sure that the DHCP server is always telling clients where their default gateway actually should be.

It's set to 192.168.1.3 and the normal router is set to 192.168.1.1 and my switch is set to 192.168.1.2. I have no idea why it's not letting me access the page.

[brwainer]

It's set to 192.168.1.3 and the normal router is set to 192.168.1.1 and my switch is set to 192.168.1.2. I have no idea why it's not letting me access the page.

double checking - the LAN IP is set to 192.168.1.3, not the WAN IP, and the ethernet connection to the rest of the netwokr is in a LAN port?

[Penny5837]

double checking - the LAN IP is set to 192.168.1.3, not the WAN IP, and the ethernet connection to the rest of the netwokr is in a LAN port?

I think the WAN IP is set to 192.168.1.3, and I'm just using the switch, and not the WAN port.