Re: RRAS as VPN Server Configuration Questions...



We may have many issues with this configuration. The DNS should be 127.0.0.1. However, that has nothing to do with the routing issue.
 
The routing problem is that the DW should be 192.168.10.1 instead of 192.168.20.1.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com

Robert,

    Thanks for the reply.  Here is a dump before any manual modifications
I've tried (MAC Addresses have been removed for security reasons).  More
info on the network setup I forgot to mention in the original post is in the
reply to Bill Grant.

Thanks for any help,

Mike B.
I.D.M. Technologies
Milwaukee, WI, USA


c:\ipconfig /all

Windows 2000 IP Configuration
 Host Name . . . . . . . . . . . . : server
 Primary DNS Suffix  . . . . . . . : abc.local
 Node Type . . . . . . . . . . . . : Hybrid
 IP Routing Enabled. . . . . . . . : Yes
 WINS Proxy Enabled. . . . . . . . : No
 DNS Suffix Search List. . . . . . : abc.local

Ethernet adapter LAN:
 Connection-specific DNS Suffix  . :
 Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI TX NIC (3C905B-TX) #1
 Physical Address. . . . . . . . . : *Removed from post for security reasons*
 DHCP Enabled. . . . . . . . . . . : No
 IP Address. . . . . . . . . . . . : 192.168.20.2
 Subnet Mask . . . . . . . . . . . : 255.255.255.0
 Default Gateway . . . . . . . . . : 192.168.20.1
 DNS Servers . . . . . . . . . . . : 192.168.20.2
 Primary WINS Server . . . . . . . : 192.168.20.2

Ethernet adapter VPN:
 Connection-specific DNS Suffix  . :
 Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI TX NIC (3C905B-TX) #2
 Physical Address. . . . . . . . . : *Removed from post for security reasons*
 DHCP Enabled. . . . . . . . . . . : No
 IP Address. . . . . . . . . . . . : 192.168.10.2
 Subnet Mask . . . . . . . . . . . : 255.255.255.0
 Default Gateway . . . . . . . . . :
 DNS Servers . . . . . . . . . . . : 127.0.0.1


c:\route print *

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...*Removed MAC from post for security reasons* ...... 3Com EtherLink PCI (Microsoft's Packet Scheduler)
0x3 ...*Removed MAC from post for security reasons* ...... 3Com EtherLink PCI (Microsoft's Packet Scheduler)
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.20.1    192.168.20.2   1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
     192.168.10.0    255.255.255.0     192.168.10.2    192.168.10.2   1
     192.168.10.2  255.255.255.255        127.0.0.1       127.0.0.1   1
   192.168.10.255  255.255.255.255     192.168.10.2    192.168.10.2   1
     192.168.20.0    255.255.255.0     192.168.20.2    192.168.20.2   1
     192.168.20.2  255.255.255.255        127.0.0.1       127.0.0.1   1
   192.168.20.255  255.255.255.255     192.168.20.2    192.168.20.2   1
        224.0.0.0        224.0.0.0     192.168.10.2    192.168.10.2   1
        224.0.0.0        224.0.0.0     192.168.20.2    192.168.20.2   1
  255.255.255.255  255.255.255.255     192.168.10.2    192.168.10.2   1
Default Gateway:      192.168.20.1
===========================================================================
Persistent Routes:
  None

"Robert L [MS-MVP]" <noreply@xxxxxxxxxxx> wrote in message
news:e3cgvUkEGHA.1028@xxxxxxxxxxxxxxxxxxxx...
It is not recommended to enable RRAS on a DC. However, if you configure it
correctly, it should work. It seems to me this is a routing issue. Have you
enabled IP routing on the server? Or posting the routing table here may help.

Name resolution on VPN Connection issues on DC, ISA, DNS and WINS server as
VPN server How to assign DNS and WINS on VPN client manually Name resolution
Issue in a VPN client ...
www.chicagotech.net/nameresolutionpnvpn.htm


Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"Mike B." <mikebobowski@xxxxxxxxx> wrote in message
news:euNORYhEGHA.648@xxxxxxxxxxxxxxxxxxxx...
Hi all,

I have a client with a single Windows 2000 Advanced Server controlling a
local domain (abc.local).  This very small company (1 Server, 4 Workstations
and 2 Laptops) CANNOT afford a second server.  However, they wish to enable
remote access (VPN).  I have configured the network in the following way:

Cable/DSL Modem
   |
Router #1
   |     \
   |      \
   |       \
Router #2   Server
   |       /
   |      /
   |     /
   Switch
      |
Rest of network

Router #1:
  WAN IP: Dynamic (Set by ISP - FOR NOW, client will get static IP after RRAS working)
          (IP, Mask, Gateway and DNS configured through ISP's DHCP)
  LAN IP: 192.168.10.1
  LAN Mask: 255.255.255.0
  DNS Relay: Enabled
  Everything blocked Except:
    IPSec Passthrough Enabled
    PPPoE Passthrough Enabled
    PPTP Passthrough Enabled
    Ext.Port TCP 1723 Forwarded to
      Int.Port TCP 1723 on Server NIC #2: 192.168.10.2

Router #2:
  WAN IP: 192.168.10.10
  WAN Mask: 255.255.255.0
  WAN Gateway: 192.168.10.1
  LAN IP: 192.168.20.1
  LAN Mask: 255.255.255.0
  DNS Relay: Enabled
  Everything blocked

Server:
  NIC #1: configured and connected to internal network via Switch (intranet)
  NIC #1 IP: 192.168.20.2
  NIC #1 Mask: 255.255.255.0
  NIC #1 Gateway: 192.168.20.1
  NIC #2: configured and connected to external network via Router #1 (internet)
  NIC #2 IP: 192.168.10.2
  NIC #2 Mask: 255.255.255.0
  OS: Windows 2000 Advanced Server (All updates applied)
      PDC - abc.local
      Active Directory
      DHCP - Scope (192.168.20.10 - 192.168.20.250)
      DNS - Standard Files; NOT Active Directory Stored
      WINS
      Routing And Remote Access - * currently disabled *

At this point everything is working beautifully!  Then I configure RRAS.
During setup I choose Remote Access NOT VPN Server, because I read VPN
Server mode is for a stand-alone server not a PDC.  With just that
configured everything is still working fine (internal workstations have
access to the internet and can browse locally) and remote clients can
connect.  However, remote clients cannot even ping internal workstations,
all they see is the server.  When attempting to ping an internal workstation
from the remote client by name, the name is resolved to an IP address.  So,
I'm assuming that the clients are resolving (seeing) the DNS and this is a
route problem?  I know I can NOT put a default gateway on NIC #2 to point at
NIC #1, so I've tried adding a route from NIC #2 to the loopback
(127.0.0.1)?

The BIG QUESTION, is everything I need to configure to get this working in
RRAS GUI or do I need to configure routes manually through "route add -p"???
The smaller BIG QUESTION is can anybody please help with specifics not
generics?

Thanks in advance for any assistance,

Mike B.
I.D.M. Technologies
Milwaukee, WI, USA
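
The routing table posted in the thread, run through a longest-prefix-match lookup (an added example, not part of the original posts; 203.0.113.50 is a constructed stand-in for a remote VPN client's public address). It shows that with the posted default route, traffic to that address leaves the LAN NIC via Router #2, and what the lookup returns with the default gateway Bob Lin suggests.

```python
import ipaddress

# Active routes copied from the "route print" output posted in the thread:
# (destination, netmask, gateway, interface, metric)
POSTED = [
    ("0.0.0.0", "0.0.0.0", "192.168.20.1", "192.168.20.2", 1),
    ("127.0.0.0", "255.0.0.0", "127.0.0.1", "127.0.0.1", 1),
    ("192.168.10.0", "255.255.255.0", "192.168.10.2", "192.168.10.2", 1),
    ("192.168.10.2", "255.255.255.255", "127.0.0.1", "127.0.0.1", 1),
    ("192.168.10.255", "255.255.255.255", "192.168.10.2", "192.168.10.2", 1),
    ("192.168.20.0", "255.255.255.0", "192.168.20.2", "192.168.20.2", 1),
    ("192.168.20.2", "255.255.255.255", "127.0.0.1", "127.0.0.1", 1),
    ("192.168.20.255", "255.255.255.255", "192.168.20.2", "192.168.20.2", 1),
    ("224.0.0.0", "224.0.0.0", "192.168.10.2", "192.168.10.2", 1),
    ("224.0.0.0", "224.0.0.0", "192.168.20.2", "192.168.20.2", 1),
    ("255.255.255.255", "255.255.255.255", "192.168.10.2", "192.168.10.2", 1),
]

def lookup(dest, routes=POSTED):
    """Return (gateway, interface): longest prefix wins, then lowest metric."""
    addr = ipaddress.ip_address(dest)
    best = None
    for net, mask, gateway, interface, metric in routes:
        network = ipaddress.ip_network(f"{net}/{mask}")
        if addr in network:
            key = (network.prefixlen, -metric)
            if best is None or key > best[0]:
                best = (key, gateway, interface)
    if best is None:
        raise LookupError(f"no route to {dest}")
    return best[1], best[2]

def with_default(gateway, interface, routes=POSTED):
    """Copy of routes with the 0.0.0.0/0 entry replaced (metric kept)."""
    return [(n, m, gateway, interface, met) if (n, m) == ("0.0.0.0", "0.0.0.0")
            else (n, m, g, i, met) for n, m, g, i, met in routes]

if __name__ == "__main__":
    client = "203.0.113.50"  # constructed: remote VPN client's public IP
    print("as posted:          ", lookup(client))
    print("gateway 192.168.10.1:",
          lookup(client, with_default("192.168.10.1", "192.168.10.2")))
    print("internal workstation:", lookup("192.168.20.15"))
```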


