Re: RRAS for VPN, use an internal-only 192.168.x.x connection pool?

Have you enable IP routing? Or this link may help,

RRAS Routing issue
http://www.chicagotech.net/netforums/viewforum.php?f=2

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"Thomas H" <T@H> wrote in message news:eHXYAM9bHHA.1388@xxxxxxxxxxxxxxxxxxxxxxx
Hello everyone,

I have an old Windows 2000 Server box (Pentium 3, 18 gb hard drive, 256 MB
RAM) that I wanted to turn into a VPN. (Either that or it gets thrown
out!). It has two network cards; one connects to a public IP address, and
the other connects to a 32-host VLAN in 172.16.x.x space. All the IP
addresses in this 172.16.x.x VLAN are static because they're for servers (no
workstations/terminals), so we don't have DHCP running.

I have Routing & Remote Access working so that it uses a few of our
172.16.x.x IP addresses- I just listed them in the static address pool. It
works great; I can connect from home and get access to all the private
subnet's resources. The problem is, since this VLAN is for servers, I only
have two IP addresses available!

Is there a way to set up an "internal-only" subnet just for remote users
that uses 192.168 space? By internal-only, I mean that I just want this
192.168 subnet to exist in the VPN server itself- without using physical
network resources. That way I could have 32 (or 64, or more!) possible
connections into our private subnet without wasting our VLAN addresses.

I tried putting a fake 192.168.x.x subnet into the static address pool. When
I connect with the VPN, I do get one of the 192.168 addresses. However, I
can't get "out" of the server. I can only ping the server's two network
cards. I can't even ping other servers on the same 172.16.x.x VLAN! I
played with setting up static routes, but only succeeded in ruining the
server's own connectivity to the rest of our network.

I don't really need to have our telecom guys create a separate subnet/VLAN
on the network (physical switch/router/cabling/etc), do I?

Thanks for any pointers/tips/help! I couldn't find anything like this
configuration on the internet, maybe it's not supported? Everything seemed
to say that the private NIC should go to a switch that had a VLAN with
enough IPs for remote connections. Nothing talked about setting up a subnet
inside the server itself for connections...

-Thomas


Relevant Pages

  • Re: cups relaying remote broadcasts to a local subnet (SOLVED)
    ... This sounds like an application that could use a vpn (virtual private ... network) over the internet. ... port 9100 it only has to be set up on the gateway machine. ...
    (Fedora)
  • Re: 2 servers and 3 nics = pain of my life
    ... "Since you are using 3rd party VPN, you need not only enable IP ... you may have a name resolution or routing issue. ... WINS server as VPN server DNS and Split Tunneling for VPN? ... How to Setup Windows, Network, VPN & Remote Access on ...
    (microsoft.public.windows.server.networking)
  • Re: Using a Linksys router, should I also use Zonealarm?
    ... public internet to access corporate network. ... In the "old days" when people used to use Dial-In instead of VPN you ware ... protected by corporate Firewall -- since there was no public Internet ...
    (microsoft.public.security)
  • Re: cups relaying remote broadcasts to a local subnet
    ... This sounds like an application that could use a vpn (virtual private ... network) over the internet. ... The 10.x.x.x series of IP addresses is set aside as private address space. ...
    (Fedora)
  • Re: Http access across a site 2 site VPN
    ... Troubleshooting Client Authentication on Access Rules in ISA Server 2004 ... Microsoft Internet Security & Acceleration Server: ... access rule that represents access to the vpn between the sites. ... corresponding network rules and access rules, and I went ahead and created ...
    (microsoft.public.isa)
Loading