Re: Coexistence and routing of two internet feeds
From: Bill Grant (not.available_at_online)
Date: 09/09/04
- Next message: anonymous_at_discussions.microsoft.com: "Re: ISA 2000, Server 2003, and IPSEC Tunnel"
- Previous message: Robert L [MS-MVP]: "Re: Coexistence and routing of two internet feeds"
- In reply to: Robert L [MS-MVP]: "Re: Coexistence and routing of two internet feeds"
- Next in thread: Fernando Ronci: "Re: Coexistence and routing of two internet feeds"
- Reply: Fernando Ronci: "Re: Coexistence and routing of two internet feeds"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 10 Sep 2004 08:38:21 +1000
As Robert said, this is a routing problem that RRAS should be able to
handle. Two gateways are not really a problem if one of them is only used
for a specific group of IP addresses.
You cannot use RRAS to share two different Internet connections. You
need some sort of additional hardware/software to do load balancing. RRAS
will just use one gateway, and only switch if that goes down.
A VPN connection is different. You do not need to use default routing
for a VPN link because you know exactly what traffic needs to go over the
VPN. So you can set a default route to your Internet link but use a static
route to direct VPN traffic to a different gateway.
"Robert L [MS-MVP]" <noreply@hotmail.com> wrote in message
news:OfifCpqlEHA.3204@TK2MSFTNGP09.phx.gbl...
> if I understand correctly, this is routing issue. assuming you have just
one
> VPN connection say, the VPN server is 10.0.0.1, you can configure the
> routing table point all internet traffic to the VSAT and VPN goes to DSL.
>
> --
> For more and other information, go to http://www.ChicagoTech.net
>
> Don't send e-mail or reply to me except you need consulting services.
> Posting on MS newsgroup will benefit all readers and you may get more
help.
>
> Robert Lin, MS-MVP, MCSE & CNE
> Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on
> http://www.ChicagoTech.net
> This posting is provided "AS IS" with no warranties.
>
> "Fernando Ronci" <fernandoronci@hotmail.com> wrote in message
> news:uhrcaRqlEHA.1152@TK2MSFTNGP11.phx.gbl...
> > Hi,
> >
> > Here is my current setup.
> > I administer a network comprised of several workstations running Windows
> > 2000 Professional that have internet access through a Windows 2000
Server
> > gateway which performs NAT between the network interface that "talks" to
> > the
> > outside world, and the one that talks to the LAN. NAT is achieved via
> > Windows 2000 Server's "Routing and Remote Access", as per Knowledge Base
> > Article # 299801 configuration guidelines.
> > On the LAN side, the Win 2K workstations have access to the web, SMTP,
and
> > the rest of the traditional internet services. Additionally, these
client
> > workstations establish a VPN connection to a remote server for corporate
> > mail access. As with the ordinary internet traffic, the VPN is routed
> > through the Windows 2000 Server NAT server. For security reasons, VPN
> > access
> > and the rest of internet traffic are exclusive, that is, when a user
does
> > VPN he/she cannot access the web simultaneously and viceversa, so VPN
and
> > ordinary internet access never overlap.
> > In this scenario, everything works absolutely fine. However, and for
> > reasons
> > that go beyond the scope of this subject, the internet feed is of the
VSAT
> > type, with tons of downstream bandwidth available and a bare 19.2 Kbps
for
> > upload, which is kind of unsuitable for the VPN, where a more
"symmetric"
> > service would speed things up. Then, the company managers have thought
of
> > buying an ADSL connection which, although asymmetric, its upstream
> > bandwidth
> > would meet our needs. Their goal is to use ADSL *only* for the VPN and
> > keep
> > the other pipe for the web, etc. In this situation, the Win 2K Pro
client
> > workstations should be configured in such a way that they route their
> > ordinary internet traffic through the VSAT pipe and the PPTP traffic
> > through
> > the ADSL feed. At this point I have two doubts: 1) If this kind of
routing
> > is possible to achieve on the Win 2K workstations and 2) if it is
possible
> > to configure the "Routing and Remote Access" service on the Win 2K
gateway
> > to "include" the new ADSL connection. (I wouldn't mind if I had to add
one
> > or more NICs on the gateway machine).
> > By the way, the two internet feeds come from different ISP's, thus the
IP
> > address range of the two feeds belong to different subnets. What's more,
I
> > dare say the ADSL provider will assign us a dynamic, already-NATted
> > address
> > of class 192.168.x.x, as is common practice these days. On the other
hand,
> > the NIC on the WAN side of our gateway in our current setup owns a
static,
> > public IP address.
> >
> > I will appreciate if someone provided some insight on how to make two
> > feeds
> > from different ISP's coexist and achieve proper routing without
conflicts.
> >
> > Thank you.
> > Fernando Ronci
> > E-mail: fernandoronci@hotmail.com
> >
> >
> >
>
>
- Next message: anonymous_at_discussions.microsoft.com: "Re: ISA 2000, Server 2003, and IPSEC Tunnel"
- Previous message: Robert L [MS-MVP]: "Re: Coexistence and routing of two internet feeds"
- In reply to: Robert L [MS-MVP]: "Re: Coexistence and routing of two internet feeds"
- Next in thread: Fernando Ronci: "Re: Coexistence and routing of two internet feeds"
- Reply: Fernando Ronci: "Re: Coexistence and routing of two internet feeds"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
