Re: Configuring NAT/Basic Firewall
From: Bill Grant (not.available_at_online)
Date: 02/22/05
- Next message: Blaze: "Client Access Rights"
- Previous message: Brian: "Re: auto connect VPN client"
- In reply to: Andy L: "Configuring NAT/Basic Firewall"
- Next in thread: Andy L: "Re: Configuring NAT/Basic Firewall"
- Reply: Andy L: "Re: Configuring NAT/Basic Firewall"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 23 Feb 2005 09:41:32 +1100
You have the PPPoE interface configured as the public interface for NAT.
All you need is to add you local NIC as a private interface for NAT. NAT
will then accept private traffic arriving at its local NIC and send the
translated packets out through the public interface.
Check that the server's default route is out through the public
interface.
What is the DNS setting on your LAN clients? If they use your local DNS
server, make sure it is set up to forward to a DNS server which can resolve
public URLs.
"Andy L" <Droid13@online.nospam> wrote in message
news:%23gGaIiSGFHA.3376@TK2MSFTNGP12.phx.gbl...
> Although I've configured NAT on several different kids of routers, I'm
> having trouble to understand the exact steps to take to configure this in
> Win2003 RRAS. I have a 2003 server that is multi-roled for a small branch
> office (DC, DNS, DHCP, APPLICATION, VPN) as part of a larger AD forest.
> The server currently has a single local area network connection.
>
> The RRAS, in addition to the standard interfaces, has a PPPoE interface
> running to the Internet (over the local area network to a DSL modem), and
> L2TP connections to another DC in the forest (connecting over the PPPoE
> interface to the Internet). What I'm trying to do is setup the NAT/Basic
> Firewall for the handful of local computers to allow them to access
> Internet. I setup a new interface on the NAT/Basic firewall, referenced
> the Internet (PPPoE) interface and set "Public interface / enable NAT".
> From here I'm not sure what else needs doing, as this doesn't seem to work
> by itself.
> Do I need to specify an address pool if I just want to hide the clients
> behind the RRAS PPPoE IP address?
> I did not turn on and Services and Ports, as these clients will be
> outbound connections only...
> I have not turned on any firewall or filters yet.
> I did not turn on any DHCP allocator or DNS proxy because the server
> already has the standard DNS and DHCP services running.
> Do I need to also define a NAT interface on the Internal or Local Area
> interface as well and define it as "Private" for this to work?
> The server is the default gateway for the clients, no client static
> routes. I have set the necessary RRAS static routes and the L2TP
> connection to the other office works great, but any RRAS routes that send
> users out the PPPoE connection go unanswered (I assume NAT is not doing
> it's stuff).
>
> ?
>
- Next message: Blaze: "Client Access Rights"
- Previous message: Brian: "Re: auto connect VPN client"
- In reply to: Andy L: "Configuring NAT/Basic Firewall"
- Next in thread: Andy L: "Re: Configuring NAT/Basic Firewall"
- Reply: Andy L: "Re: Configuring NAT/Basic Firewall"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
