Re: Win2K RRAS/VPN Help

1) Yes, having two NICs in the same IP subnet is a bad idea (especially
if you try to configure different gateway settings on the NICs). It is also
unnecessary and doesn't do anything useful. But if you disable NIC2, you
will need to change the port forwarding on the router so that it forwards
the VPN traffic to NIC 1. You should not need to change anything on the
server itself.

This probably won't solve all of your problems. Your server will still
be multihomed (ie have two interfaces) when a VPN client connects (because
of the "internal" RRAS interface 192.168.1.200 which is the endpoint of VPN
connections). This causes duplicate names and browsing problems.

The simplest way to fix this is to disable Netbios over TCP/IP on the
RRAS internal interface. The details are given near the end of KB 292822.

2) The person who set it up obviously didn't grasp the situation. If all the
machines are using the Linksys as their default gateway they can all plug
into the same switch. (NIC2 should be disabled and not plugged into
anything). The present setup would only make some sense if the Linksys and
the router were in a different IP subnet from the LAN clients. This is a
feasable solution but is not the one you are set up for. In that case, the
LAN clients would use the server's LAN NIC as their default gateway, not the
Linksys.

How about DNS? Are the clients set up to use the DC as their DNS server?
And is the server set to forward to a public DNS (such as your ISP)?

DMF wrote:
> All,
>
> I have inherited a site with Win2KS running AD/DNS/RRAS/VPN
> with a Linksys router running NAT/DHCP to share the DSL
> connection. Linksys is 192.168.1.1, Server LAN side NIC#1 is
> 192.168.1.2, RRAS Server is 192.168.1.200 on Server NIC#2
> IP=192.168.1.192, VPN Clients are *.200+, LAN Clients are
> *.100+ The Linksys is setup with a static IP WAN side with VPN
> traffic (typically PPTP clients on Win2K or WinXP) forwarding to
> the Server NIC#2 with IP=*.192 and connection to RRAS.
>
> The problem is that this setup is terribly unrealiable for the both
> LAN users and VPN clients. LAN side users often drop shared drives or
> lose internet connection. VPN users get weird login messages
> (duplicate name on network, etc), dropped connections or require
> multiple attempts to establish a connection. I have already replaced one
> flaky switch
> and a bad DSL modem -- so things are getting better. But to really make
> progress I think I am going to have to dig in and reconfigure this
> server. I am no expert but I'm reading a lot of whitpapers (and I
> stayed at a Holiday Inn last night ;-). So one of the first things I
> learned is that it is bad form to have two NICs in one server on the
> same subnet. The error log is full of errors regarding this and I think
> its one of the
> causes of the unreliable VPN connections. Anyway, today I tried to
> disable the NIC#2 and get the RRAS to use the NIC#1 IP, no joy.
>
> Questions...
>
> 1) Are the two NICs in one server on the same subnet the source of
> my grief? If so, how do I correct this? Even a temporary solution
> would be good -- until I can get up to speed on setting this server
> up properly.
>
> 2) Currently the DSL modem dumps into the Linksys router WAN
> side. LAN side of router is 192.168.1.1 and is the default gateway
> on the network. Server NIC#2 (IP=192.168.1.192) is plugged into
> the Linksy LAN port as are a couple of printers and then the Linksys
> is linked to a 16P switch. All the local Client PCs and the Server
> NIC#1 (IP=192.168.1.2) are plugged into the 16P Switch. This
> doesn't seem right to me.... it seems a little circular. Could this be
> a source of my problems?
>
> Thanks for any replies.
>
> Regards,
> David


.

Relevant Pages

  • Re: ISA 2004 setup fails on brand new SBS 2003 Premium installatio
    ... It will assist you in changing the SBS LAN NIC IP. ... How to configure Internet access in Windows Small Business Server 2003 ... how to use CEICW (Confgiure Email and Internet Connection Wizard) ... Nics in server attached to LAN switch in the 192.168.0.1-255 range ...
    (microsoft.public.windows.server.sbs)
  • Re: Client cannot connect to SBS2003
    ... I noticed that both NICs (internal LAN on the Server and NIC on ... LAN NIC and the LAN cable was plugged into the WAN NIC. ... >> Did you run the Internet and Email Wizard in Server Management Console? ...
    (microsoft.public.backoffice.smallbiz)
  • Re: NIC switch on SBS2003 SP1
    ... Updated the WINS server on the NIC setup ... Enabled Client for Microsoft Networks on LAN NIC ... I needed to leave DHCP on the router as my wireless ... You can rename the NICs to reflect their new role. ...
    (microsoft.public.windows.server.sbs)
  • Re: Dual-Network Card VPN Server?
    ... > You should not have two NICs in the same IP subnet. ... > the same subnet as your LAN machines, you only need one NIC in the server. ... >> set up VPN. ...
    (microsoft.public.windows.server.networking)
  • Linux on Linksys WRT54G
    ... customizing it by building my own firmware, to replace my existing firewall. ... and can't do with the Linksys box. ... DNS server both for caching on the LAN side, and for hosting a domain on ...
    (comp.os.linux.networking)