Re: NAT help for 'simple' VPN configuration
- From: "Bill Grant" <not.available@online>
- Date: Fri, 23 Sep 2005 11:44:40 +1000
Tim,
You seem to misunderstand how this works. When you connect to your
server by VPN, the point-to-point connection is made using the private IP
addresses from the pool. So the remote client need to use the private IP of
the server (just as a LAN client would do). That is why it is called a
virtual private network. The client appears to be on the private LAN.
External DNS will not resolve the name to this IP. As you have no
internal DNS, you will need to add a hosts file to the client to resolve the
server's name to its internal IP if you want to use the server name to find
files.
Tim_Mac wrote:
> hi,
> i am stumbling along trying to get this VPN working. i've spent ages
> reading up about it but can't seem to get NAT to work.
>
> the VPN is on a stand-alone windows 2003 server, in a datacenter
> environment. Routing and RRAS is active. the configured roles are:
> file server, VPN, application server. no DHCP or DNS server. i should
> emphasise there are no other computers on the network, it is entirely
> stand-alone, with an external web connection. the server is housing
> all the files for the VPN.
>
> the RRAS IP address assignment is done with a static pool of
> 192.168.0.1-255.
> NAT/Basic Firewall is set up on the only NIC on the server. in the
> NAT/firewall properties, IP address assignment is not done via DHCP
> because i think this would conflict with the static pool configured in
> RRAS properties.
> on the LAN interface then within NAT/firewall, i have "enable NAT" and
> "enable firewall" ticked. the external address pool is set up, and i
> have several ports enabled.
> my clients can connect to the VPN no problem, but there is no NAT and
> external DNS doesn't work. i'd like to solve the NAT problem first.
> i can browse to the server IP which is 192.168.0.1 and see files etc.
> i really need to browse to the server name though.
>
> when i look in the event log, there is a warning for each port on the
> VPN as follows:
>
> Event Type: Warning
> Event Source: RemoteAccess
> Event Category: None
> Event ID: 20171
> Date: 22/09/2005
> Time: 16:52:30
> User: N/A
> Computer: BBWEB
> Description:
> Failed to apply IP Security on port VPN2-79 because of error: The
> binding handle is invalid.
> . No calls will be accepted to this port.
> Data:
> 0000: a6 06 00 00 ¦...
>
> but i can still connect from windows clients across the web without
> difficulty. any help is GREATLY appreciated.. i'm tearing my hear out
> here!
> thanks
> tim
.
- Follow-Ups:
- Re: NAT help for 'simple' VPN configuration
- From: Tim_Mac
- Re: NAT help for 'simple' VPN configuration
- References:
- NAT help for 'simple' VPN configuration
- From: Tim_Mac
- NAT help for 'simple' VPN configuration
- Prev by Date: Administrative Shares
- Next by Date: Re: Split Tunneling in the Windows VPN Client???
- Previous by thread: NAT help for 'simple' VPN configuration
- Next by thread: Re: NAT help for 'simple' VPN configuration
- Index(es):
Relevant Pages
|
