Microsoft KB Archive/209404

= How to Configure Proxy Server 2.0 and IP Routing for Multiple Subnets =

Article ID: 209404

Article Last Modified on 12/6/2000

-

APPLIES TO


 * Microsoft Proxy Server 2.0 Standard Edition

-



This article was previously published under Q209404



SUMMARY
If you have multiple IP subnets connected by a router, and clients on both of these subnets need to use a proxy server that only resides on one of the subnets, you need to set up a static routing on the proxy server for each individual subnet.



MORE INFORMATION
A client computer on the same network as the proxy server can communicate with computers on the remote network and the proxy server. Clients on the remote network cannot even communicate with the proxy server and successfully ping the proxy server on the first network.

This behavior is a simple IP routing issue.

When you configure the network cards on a proxy server, you only configure one default gateway. You should set the default gateway on the external (Internet) network card of the proxy server. The default gateway points to the router that is used to communicate with the Internet.

You should not assign a default gateway to the internal (Intranet) network card. If you assign a default gateway to the internal interface, the proxy server can send all IP traffic out the external Network Interface Card (NIC) that the default gateway does not have a specific route for in the route table.

For example, when a client on Network A sends an IP packet to the proxy server on Network B, the proxy server does not know how to send packets back to Network B.

To provide the correct routing information for the proxy server to route packets from itself to the remote subnet, you need to insert a persistent static route into the route table of the proxy server that points back to the remote subnet.

To add a persistent route, type

route add -p (destination network) MASK (subnet mask) (gateway IP)

at the command prompt on the proxy server.

For example, if the proxy server is on the 192.168.6.0 network, and the clients are on the 192.168.7.0 network where the IP of the router to the remote network is 192.168.6.1, you would add a route by typing

route add -p 192.168.7.0 MASK 255.255.255.0 192.168.6.1

at the the command prompt.

It is a good idea to type route print at the command prompt after adding the persistent route to verify that you entered the route in correctly.

For more information on the route command, type route /? at the command prompt.

