Comcast installed a Juniper Universal Access Router ACX1100. I plugged our switch into the port that the technician told us is the in/out port, but nothing happened. After reading and asking, I was told that I need a managed switch configured with the gateway IP, and that the IP is a /29. That's where I got lost. According to him there are 6 usable IPs.
example:
Gateway: 192.168.120.161/29
Usable Range: 192.168.120.162 - 192.168.120.167
One of my multiple questions is: what hardware do I need to be able to connect my PCs? I configured a managed switch, but when I connect my laptop to it I get Unidentified Network and No Internet Connection.
I have been reading and I think I need a VPN with DHCP server integrated.
If someone can help me, I'll appreciate it.
/29 is the subnet mask, it can also be expressed as 255.255.255.248. Basically it defines which part of the IP is the network ID and which part of IP is the host ID.
I think in order to accurately assess your situation, we need to know exactly what kind of configuration you set on the managed switch you purchased. Also, which managed switch did you purchase?
Also currently on your laptop's NIC, what IP is assigned on there?
Either on your old unmanaged switch or on the managed switch, you can try statically assigning one of the addresses from the /29 block that the technician told you about, with the default gateway set to the address you posted in your question.
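To make the /29 arithmetic in this thread concrete, here is an added example (not code from any poster) that checks whether a static address can be used with a given gateway and prefix. The function names are hypothetical; the addresses are the ones quoted in the questions on this page.

```python
import ipaddress

def check_static_config(gateway_cidr, host_ip):
    """Return (ok, reason) for using host_ip with an ISP-supplied gateway/prefix."""
    gw = ipaddress.ip_interface(gateway_cidr)    # accepts /29 or /255.255.255.248
    net = gw.network                             # the block the prefix defines
    host = ipaddress.ip_address(host_ip)
    if host not in net:
        return False, f"outside {net}"
    if host == net.network_address:
        return False, "network address"
    if host == net.broadcast_address:            # last address of the block
        return False, "broadcast address"
    if host == gw.ip:
        return False, "already used by the gateway"
    return True, f"usable, netmask {net.netmask}, gateway {gw.ip}"

def assignable_hosts(gateway_cidr):
    """Host addresses of the block that are left once the gateway is excluded."""
    gw = ipaddress.ip_interface(gateway_cidr)
    return [str(h) for h in gw.network.hosts() if h != gw.ip]

if __name__ == "__main__":
    print(assignable_hosts("192.168.120.161/29"))
    for candidate in ("192.168.120.162", "192.168.120.167", "192.168.120.170"):
        print(candidate, check_static_config("192.168.120.161/29", candidate))
```

A /29 holds eight addresses: the network address, six host addresses (one of them the gateway) and the broadcast address, so a laptop configured with the last address of the block will not get connectivity.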
Related
I got a bit of a problem lately. I want to access my home network from the internet using a VPN and DynDNS.
For DynDNS I registered a free domain name at TwoDNS. My router is also set up to tell the DNS server its current IP address once in a while.
But then I realized that the address shown at TwoDNS doesn't match the address my router has. This is due to the fact that I am living at a student residence that is connected to the network of our university.
So my local network probably lies behind multiple NAT routers. Usually this would require a port forward, but how, if I am not in control of the routers?
Maybe an external server with a constant connection to my home network will do the trick. What do you think?
Is there some kind of dynamic NAT?
Thanks in advance for any help
The solution is simple and there is one specific service to enable just what I described: LogMeIn Hamachi
We are attempting to use a Cisco ASA as a VPN as well as forward traffic to two servers.
Our ISP has given us a range of IP addresses that are sequential.
154.223.252.146-149
default GW of 154.223.252.145, we're using netmask 255.255.255.240
We have the first of these, 154.223.252.146, assigned to the external interface on our ASA and it’s successfully hosting our VPN service. It works great.
The next and final goal is to have 154.223.252.147 forward https traffic to 10.1.90.40 and 154.223.252.148 forward https traffic to 10.1.94.40.
Our current blocker is our inability to get the outside interface of the ASA to respond to these IP addresses.
We’ve been able to use 154.223.252.146 to forward https traffic correctly. So we know that works.
I’ve plugged my laptop into the switch from our ISP and have successfully manually assigned 154.223.252.147 and 154.223.252.148 with the default gw of 154.223.252.145 and was happily connected. So we know the IPs are there and available; we just need to convince the ASA to respond to them and use them to forward https.
We’ve tried plugging cables from the switch into other interfaces on the firewall. This failed because the netmask overlaps with our first outside interface, 154.223.252.146 255.255.255.240; Cisco hates this and doesn’t allow it.
We’ve read documentation and have heard that it’s possible to assign a range of IPs to the outside interface by defining a VLAN. We do not know how to successfully make this work and our attempts have failed.
What's the best way to accomplish this configuration with a Cisco ASA?
You don't need to assign multiple IPs from the same range to more than one interface. That doesn't work with Cisco. Instead try a static one to one NAT for your Web server and terminate your VPN traffic on the IP address assigned to the interface.
Watch this video for one to one NAT:
https://www.youtube.com/watch?v=cNaEsZSsxcg
Cisco has an active scanning technology that was enabled on this ASA. We were able to diagnose it by intermittent bad behavior. After troubleshooting long enough we realized that some of the behavior couldn't be consistent with the changes we were making. So we started looking for things that the firewall would be trying to do by itself. That ended up helping us narrow it down. Disabling active scanning allowed our external VLAN configurations to work. Now moving on to tightening up the configs.
My friend wanted to connect to my computer using Remote Desktop Connection. But the problem is I am confused about what my IP address is.
My computer is connected to the internet via a router on a broadband internet network. My IP address is dynamic.
Here, my main purpose is not only the remote connection but also learning how a dynamic IP connects to another PC.
I searched for my IP address on Google. They show me an IP address. But I think it is not mine; it's related to the router or broadband network. I also found a WAN IP (it is different from the one I found on Google) in the router settings. It didn't work.
I used TeamViewer. It worked perfectly. But I want to do that manually because I am going to make a multiplayer game on GM8.
It will be helpful if someone explains IP and port forwarding.
TeamViewer is a great tool, but uses different techniques than what you plan to do. TeamViewer always uses an outgoing connection and uses a mediator on the Internet to connect you and the other PC.
You should ask your Internet provider if he technically enables you to be reachable from the outside Internet. Often this is not possible at all, even if you configure your router the correct way.
When you ask this you can ask him if you have a static IP.
It seems you are not aware of the basics of IP networking, so I'd strongly advise against trying this on your router as wrong settings would render it useless. But here, for your information, is how port forwarding, IP addresses and dynamic DNS can be used to solve your problem.
Basically your ISP is likely to give you a router having an IP address. If this IP address is a global IP address, it is possible to connect to this IP from outside. How do you find out whether your IP address is global? Look for your WAN IP address setting. If it is in 10.x.x.x or 192.168.x.x range, it's unlikely to be global and in that case it might not be possible to connect to your computer from outside - without help of a third server (some kind of a registration server, where you connect and register your application). The Registration server would determine your globally visible IP address and then convey it to another Application who is interested in connecting to it. This is somewhat complicated to make it work (but if you intend to make a game - this is something you'd have to do regardless). This is mostly how software like TeamViewer would work.
If you have a global IP address - it means it can technically be reached from anywhere in the world. In that case you could use port forwarding to make things work for you. Port forwarding works basically as follows - you expose a certain port (on TCP) to the external world - say 8000 - and then you make a setting like the following on your router.
<TCP>-<RouterIP>-8000 --> <TCP>-<Your LAN IP>-<Your application Port>
(You can find your LAN IP using ipconfig on Windows or ifconfig on Linux.)
Now all connections coming to port 8000 would be directed to your application. You might want to do it on UDP as well and the protocol above would change. That is how you 'open' a few ports to be accessible from outside, configure them on your router and then run corresponding applications on your network.
There's another thing called dynamic DNS, where the IP address you use if it is dynamic (and global) can be registered with a Dynamic DNS server so that you don't have to know and remember the current WAN IP Address. But that can be for later.
Hope that helps.
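The two answers above describe two different ways through a NAT router: a static port-forward rule, and the outgoing connection to a mediator that TeamViewer relies on. The following added example (a toy model written for this page, not router firmware or code from either answer) shows how one translation table produces both behaviours. All addresses and ports are constructed samples, and the class and function names are hypothetical.

```python
class NatRouter:
    """Toy model of a home router's translation table (illustrative only)."""

    def __init__(self, wan_ip):
        self.wan_ip = wan_ip
        self.forwards = {}     # static rules: (proto, wan_port) -> (lan_ip, lan_port)
        self.sessions = {}     # dynamic state: (proto, wan_port, remote) -> (lan_ip, lan_port)
        self.next_port = 40000

    def add_forward(self, proto, wan_port, lan_ip, lan_port):
        """The router setting from the answer: <proto>-<RouterIP>-<wan_port> --> LAN host."""
        self.forwards[(proto, wan_port)] = (lan_ip, lan_port)

    def outbound(self, proto, lan_ip, lan_port, remote):
        """A LAN host connects out; the router remembers where replies must go."""
        wan_port = self.next_port
        self.next_port += 1
        self.sessions[(proto, wan_port, remote)] = (lan_ip, lan_port)
        return (self.wan_ip, wan_port)

    def inbound(self, proto, wan_port, remote):
        """LAN destination for a packet arriving on the WAN side; None means dropped."""
        session = self.sessions.get((proto, wan_port, remote))
        if session is not None:
            return session
        return self.forwards.get((proto, wan_port))

def demo():
    router = NatRouter("203.0.113.10")           # constructed WAN address
    friend = ("198.51.100.7", 51000)             # constructed remote peer
    mediator = ("198.51.100.99", 443)            # constructed rendezvous server
    out = {"before_rule": router.inbound("tcp", 8000, friend)}
    router.add_forward("tcp", 8000, "192.168.1.20", 5000)
    out["after_rule"] = router.inbound("tcp", 8000, friend)
    out["udp_same_port"] = router.inbound("udp", 8000, friend)   # rule was TCP only
    _, wan_port = router.outbound("tcp", "192.168.1.20", 50123, mediator)
    out["reply_from_mediator"] = router.inbound("tcp", wan_port, mediator)
    out["stranger_same_port"] = router.inbound("tcp", wan_port, friend)
    return out

if __name__ == "__main__":
    for name, destination in demo().items():
        print(f"{name:22} -> {destination}")
```

Only the forwarded port and replies to connections the LAN host opened itself are delivered; everything else arriving on the WAN side is dropped, which is why a rule for TCP does not also open UDP.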
I'm currently revising for an exam and I'm stuck on a question which is:
"Explain the static and dynamic host configuration approaches."
I'm unsure if the answer is correct but what I've written is this:
Static host configurations are hard-coded addresses that will only work on one specific network segment, which is intended for stationary computers.
Dynamic host configurations work best with portable computers like laptops that move between network segments.
That's my answer. Could anyone help me to understand if this is correct or not?
You are correct about the difference. But there's a lot more than what you have stated.
DHC: Used to configure IP addresses automatically to the systems without any intervention of the network administrator.
E.g., when you register for a new internet connection, your ISP (network administrator, in this case) will provide you access to the DHCP server, which'll allot you the IP address at runtime.
To prevent the same IP address being assigned to two different computers.
Also the main use is, ISPs will have a range of IP addresses with them. You'll be assigned any of their IPs dynamically by the DHCP server when your lease time expires for a particular IP that has been assigned earlier.
SHC: Used to manually configure the IP addresses to systems.
When you know exactly how many systems are going to be present inside the network.
And when you want to uniquely identify a system in the network using its IP address.
E.g., when you configure a LAN in your house, between, say, around 4 computers. You will know exactly the number of systems in the group. So you don't have to allot a DHCP server to allot the IP addresses for these 4 systems. You manually configure them.
Hope that helps :)
Is there an elegant way to make a program detect a new computer that is connected to the network?
I would like my program to "auto-sense" a new computer being connected on the network (they're on the same network). Like a USB device being connected to the computer.
What I'm doing now is to save a list of all computers in the network from time to time. Another approach is to PING all available IPs on the subnet.
Are there any other elegant approaches?
Thanks!
Listening for ARP requests is the canonical way to do this. Independent of DHCP or not, any connected computer that wishes to communicate with the outside world will have to make an ARP request for the address of the default router. This request will go out as a broadcast, and contain the source interface's MAC and IP addresses.
If the other computer uses DHCP, it will make an ARP request for its own address as part of duplicate address detection, which is also a broadcast you can snoop on.
(This works more or less the same way for IPv6, except you need to look for neighbor discovery or router solicitation packets instead.)
Like the answer alluded to, if you have a switch to which you can telnet or use SNMP on, you can extract the MAC table. That will give you a list of MAC addresses on each port in the switch. If you want the IP addresses however, you still need to listen for ARPs.
On the other hand, if you have access to the default gateway on the network, you can also look at the ARP table there. That will give you MAC and IP addresses for anyone that has recently (for different values of recently...) communicated with it.
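The ARP-listening approach from the answer above, as an added example that is not part of the original post: a parser for Ethernet/IPv4 ARP frames plus a small watcher that reports a MAC address the first time it appears, including the duplicate-address-detection probe case. The sample frames are constructed in the code; the names `parse_arp`, `HostWatcher` and `build_arp_request` are hypothetical.

```python
import socket
import struct

def parse_arp(frame):
    """Return (op, sender_mac, sender_ip, target_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42:                                   # 14-byte Ethernet header + 28-byte ARP body
        return None
    if struct.unpack("!H", frame[12:14])[0] != 0x0806:    # EtherType must be ARP
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):   # Ethernet hardware, IPv4 protocol
        return None
    sha, spa, _tha, tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    mac = ":".join(f"{b:02x}" for b in sha)
    return op, mac, socket.inet_ntoa(spa), socket.inet_ntoa(tpa)

class HostWatcher:
    """Tracks MAC -> IP and reports hosts the first time they are heard."""

    def __init__(self):
        self.seen = {}

    def observe(self, frame):
        arp = parse_arp(frame)
        if arp is None:
            return None
        _op, mac, spa, tpa = arp
        # An ARP probe (duplicate address detection) has sender IP 0.0.0.0;
        # the address the host is about to claim is in the target field.
        ip = tpa if spa == "0.0.0.0" else spa
        previous = self.seen.get(mac)
        if previous == ip:
            return None                                   # already known, nothing to report
        self.seen[mac] = ip
        return ("new" if previous is None else "moved", mac, ip)

def build_arp_request(mac, sender_ip, target_ip):
    """Construct a broadcast ARP request frame to use as sample input."""
    sha = bytes.fromhex(mac.replace(":", ""))
    eth = b"\xff" * 6 + sha + struct.pack("!H", 0x0806)
    body = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, 1, sha,
                       socket.inet_aton(sender_ip), b"\x00" * 6, socket.inet_aton(target_ip))
    return eth + body

if __name__ == "__main__":
    watcher = HostWatcher()
    print(watcher.observe(build_arp_request("02:00:00:00:00:01", "192.168.1.50", "192.168.1.1")))
    print(watcher.observe(build_arp_request("02:00:00:00:00:02", "0.0.0.0", "192.168.1.77")))
```

`observe` takes raw frames from any capture source; on Linux a raw `AF_PACKET` socket bound to EtherType 0x0806 delivers them in this layout.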
If you have a managed switch of some kind, you could probably connect to that, that would be a fairly elegant method.
If you're on a domain, you can get a list of all the machines joined to the domain from the domain controller.
Failing that, all I can think of is either a challenge/response thing (e.g. pinging them) or by detecting traffic sent from them (see this question maybe as a starting point?), neither of which strike me as an elegant approach.