Re: Coexistence and routing of two internet feeds

From: Robert L [MS-MVP] (noreply_at_hotmail.com)
Date: 09/09/04 

Date: Thu, 9 Sep 2004 15:19:02 -0500

if I understand correctly, this is routing issue. assuming you have just one
VPN connection say, the VPN server is 10.0.0.1, you can configure the
routing table point all internet traffic to the VSAT and VPN goes to DSL. 

-- 
For more and other information, go to  http://www.ChicagoTech.net
Don't send e-mail or reply to me except you need consulting services. 
Posting on MS newsgroup will benefit all readers and you may get more help.
Robert Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on 
http://www.ChicagoTech.net
This posting is provided "AS IS" with no warranties.
"Fernando Ronci" <fernandoronci@hotmail.com> wrote in message 
news:uhrcaRqlEHA.1152@TK2MSFTNGP11.phx.gbl...
> Hi,
>
> Here is my current setup.
> I administer a network comprised of several workstations running Windows
> 2000 Professional that have internet access through a Windows 2000 Server
> gateway which performs NAT between the network interface that "talks" to 
> the
> outside world, and the one that talks to the LAN. NAT is achieved via
> Windows 2000 Server's "Routing and Remote Access", as per Knowledge Base
> Article # 299801 configuration guidelines.
> On the LAN side, the Win 2K workstations have access to the web, SMTP, and
> the rest of the traditional internet services. Additionally, these client
> workstations establish a VPN connection to a remote server for corporate
> mail access. As with the ordinary internet traffic, the VPN is routed
> through the Windows 2000 Server NAT server. For security reasons, VPN 
> access
> and the rest of internet traffic are exclusive, that is, when a user does
> VPN he/she cannot access the web simultaneously and viceversa, so VPN and
> ordinary internet access never overlap.
> In this scenario, everything works absolutely fine. However, and for 
> reasons
> that go beyond the scope of this subject, the internet feed is of the VSAT
> type, with tons of downstream bandwidth available and a bare 19.2 Kbps for
> upload, which is kind of unsuitable for the VPN, where a more "symmetric"
> service would speed things up. Then, the company managers have thought of
> buying an ADSL connection which, although asymmetric, its upstream 
> bandwidth
> would meet our needs. Their goal is to use ADSL *only* for the VPN and 
> keep
> the other pipe for the web, etc. In this situation, the Win 2K Pro client
> workstations should be configured in such a way that they route their
> ordinary internet traffic through the VSAT pipe and the PPTP traffic 
> through
> the ADSL feed. At this point I have two doubts: 1) If this kind of routing
> is possible to achieve on the Win 2K workstations and 2) if it is possible
> to configure the "Routing and Remote Access" service on the Win 2K gateway
> to "include" the new ADSL connection. (I wouldn't mind if I had to add one
> or more NICs on the gateway machine).
> By the way, the two internet feeds come from different ISP's, thus the IP
> address range of the two feeds belong to different subnets. What's more, I
> dare say the ADSL provider will assign us a dynamic, already-NATted 
> address
> of class 192.168.x.x, as is common practice these days. On the other hand,
> the NIC on the WAN side of our gateway in our current setup owns a static,
> public IP address.
>
> I will appreciate if someone provided some insight on how to make two 
> feeds
> from different ISP's coexist and achieve proper routing without conflicts.
>
> Thank you.
> Fernando Ronci
> E-mail: fernandoronci@hotmail.com
>
>
>

Relevant Pages

  • RE: VPN Issue
    ... 317025 You Cannot Connect to the Internet After You Connect to a VPN Server ... | first done with a standard usb broadband modem on XP Professional. ...
    (microsoft.public.windows.server.sbs)
  • Re: Sometimes it works sometimes it doesnt (VPN data issues)
    ... NIC1 "Internet" is set to ... (the IP of the external firewall) and the DNS is set to ... A connection between the VPN server and the VPN client xxx.xxx.xxx.xxx ...
    (microsoft.public.windows.server.networking)
  • RE: VPN Error code 800 HELP!
    ... Can you visit Internet and OWA on SBS server? ... Just one PC get error code 800 connecting VPN connecting to SBS? ...
    (microsoft.public.windows.server.sbs)
  • RE: Sharing VPN client connection
    ... as a VPN server, configure the internal clients to connect the remote ... office by VPN connection and then access to the Internet from the Remote ... Enable internal clients to access the Internet. ... On the server, go to My Network Places, click New Connection Wizard. ...
    (microsoft.public.windows.server.sbs)
  • Re: The OTHER problem with Netgear WGT624 (and probably others)
    ... |>|>Isolated network zone, enforced by router and firewall rules. ... My preferred solution is to put the server behind ... |>| authenticated VPN and blocks all outbound connections. ... |>How does VPN help an office connect to the internet? ...
    (alt.internet.wireless)