Re: How to configure for Two different IP subnets
- From: "Jeff" <jefffby@xxxxxxxxx>
- Date: Mon, 15 Jan 2007 17:40:56 GMT
Thanks Robert and Bill,
I realize this is actually way more than I need for my setup, infact just
setting up a server is more than I even actually need. Although I do like
the vpn aspect that has helped out alot. I actually had the whole server
setup and working as I described except for the fact that I only had 1 nic
and had it all set to the same 192.168.x.x as my router. everything was
working very well that away after playing with it for awhile.
Robert I have actually used the sites that you have links to on numerous
occasions and have actually read a couple of the articles that you had
referenced here already, I have seen that you use this site quite often in
many of the posts here.
Bill thanks for a little more insite into this also, I guess since this is
not a recommended why to do this is maybe why I have been unable to find
very good info on the setup.
I am doing this more for learning than anything but would like to also put
it to some practical use. I have been some programming in .Net and was
wanting to set this up so I could also see how working with a network
effects the programming and the abiliting to Vpn to get to my system while
away is a wonderful thing at times and using it to allow a few other people
that I have set up as users to use the system as well. I just wanted to get
this into its own ip address range.
my thinking was(is) that this is what the server was suppossed to do. I
mean I see where it seems to be common practice to have two nic cards in the
server with the outside Wan coming into one and the network setup on the
second nic with the internal addressing. In my mind this is essentially the
same thing, like I said I am just learning so I may be way off base here. I
do not have the money or the computers to have serveral 2003 servers running
all the time i just thought this could all be accomplished on one machine
without too much issue like I had it setup with just the one nic card.
I thought that I had the Nic cards setup like what Bill is describing here,
but that my active directory went haywire on me which in turn would not let
me run the DHCP. But part of that problem could also have been that I had
already had everything set up using the one nic card on the 192.168.x.x ip
range and then when I tried to switch it over is when everything could have
went haywire.
Anyway thanks for the input I guess I will keep trying to get it set up, or
my second thought last night might be the simple solution and that would be
to get a second hardware router and segment the system that away, but then I
have not learned anything that away.
Again Thanks,
Jeff
"Robert L [MVP - Networking]" <noreply@xxxxxxxxxxx> wrote in message
news:OnysMGLOHHA.140@xxxxxxxxxxxxxxxxxxxxxxx
Bill,
Thank you for the detail inputs.
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"Bill Grant" <not.available@online> wrote in message
news:ONzZ6yDOHHA.4992@xxxxxxxxxxxxxxxxxxxxxxx
As Bob said there are a lot of issues involved here. Active Directory is
really overkill for a setup like that. You don't need it to allow an
incoming VPN connection and running RRAS on a DC is definitely not
recommended. The other major problem you strike with AD is DNS.
If you really want to run a domain behind a workgroup, it can be done.
It can even be done using the DC as the router (otherwise Small Business
Server wouldn't work) but it is not simple or straightforward. It certainly
doesn't work using the default setup wizard in Server 2003. It becomes even
more difficult if you also configure the DC as a VPN server.
If you only want a second IP subnet using the Windows server as a
router, things are simpler. You can configure the router as a normal LAN
router (but this will mean you need to add extra routing to the Linksys so
that it knows how to find your internal subnet). If you can't or don't wish
to fiddle with the Linksys, you need to configure the server as a NAT
router. This solves the routing problem on the Linksys because all traffic
going to the Linksys from your internal subnet is using the 192.168.1.x
address of the server (because of NAT).
The network config is like this.
Internet
|
Linksys
192.168.1.1
|
workgroup machines
192.168.1.x dg 192.168.1.1
|
192.168.1.n dg 192.168.1.1
RRAS
10.10.1.1 dg blank
|
workstations
10.10.1.x dg 10.10.1.1
If you configure the RRAS router for NAT routing should just work.
Without NAT (ie LAN routing only) you need a static route on the Linksys to
send the traffic for the inner subnet to the internal router. ie
10.10.0.0 255.255.0.0 192.168.1.n
"Robert L [MVP - Networking]" <noreply@xxxxxxxxxxx> wrote in message
news:eyMVtGDOHHA.5064@xxxxxxxxxxxxxxxxxxxxxxx
We have many issues with this configuration. Here are two:
1. You should not enable RRAS on a DC. Check this link for more details.
Name resolution on VPN
Connection issues on DC, ISA, DNS and WINS server as VPN server How to
assign DNS and WINS on VPN client manually Name resolution Issue in a VPN
client ...
http://www.chicagotech.net/nameresolutionpnvpn.htm - Jan 12, 2007 -
case Studies - VPN error 721 and 800
Connection issues on DC, ISA, DNS and WINS server as VPN server ... To
assign the DNS and WINS to a VPN client for name resolution, you should
configure VPN ...
http://www.chicagotech.net/VPN/vpncase800.htm
2. You don't need two NICs for VPN. How to may help,
How to setup VPNHow to setup Windows 2003 as VPN server with one NIC How to
setup VPN on w2k server with one NIC How to use PPTP through a Cisco PIX ...
http://www.howtonetworking.com/Windows/vpnsetup.htm
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"Jeff" <jefffby@xxxxxxxxx> wrote in message
news:fYwqh.1217$G23.126@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Just wondering if someone can please explain how I can get two different
ip
subnets working? I have been googling, reading the newsgroups, and
reading
books but I just can not figure out how to make this work.
I have Windows server 2003 and here is what i am trying to setup:
INTERNET
|
LINKSYS ROUTER - PPOE CONNECTION TO DSL INTERNAL IP 192.168.1.1
|
|-WORKGROUP (WIFE AND DAUGHTER LEFT HERE (THEY WOULD KILL ME IF
THIER
INTERNET CONNECTION WAS UNAVAILABLE DUE TO MY PLAYING)
|
WINDOWS SERVER 2003
DOMAIN CONTROLLER - MYDOMAIN.LOCAL - WANT THIS AS IP 10.10.1.1
DNS
DHCP - set to give out ip ranges of 10.10.1.10 to 10.10.1.20
computer connecting to domain or vpn in should get a 10.10.1.x address
RRAS - (TO BE ABLE TO VPN IN) I BELIEVE THIS IS WHERE I GET
THE SERVER NAME OF JEFF1.MYDOMAIN.LOCAL
WINS
FILE SERVER
This is where I can not get it to work, from my understanding i need two
nic cards in server.
NIC 1 - LOCAL AREA CONNECTION 1 - I believe this is the one that i set my
domain up on static IP 10.10.1.1 subnet 255.255.0.0 (no default gateway?)
under advance tabs DNS=JEFF1 10.10.1.1 alternate is
given
one from my isp, WINS=JEFF1 10.10.1.1
NIC 2 - LOCAL AREA CONNECTION 2 - I believe this is the one that i set
pointing to my Linksys Router static IP 192.168.1.2 subnet 255.255.255.0
default gateway 192.168.1.1
under advance tabs DNS= 192.168.1.2 alternate given
from
one from isp, WINS=192.168.1.2
When configuring the Domain Controller, DNS, DHCP, RRAS, and WINS I just
ran
the wizards and went with the settings it provided but when all was said
and
done it would not work. I could not see anyone on the 192.168 network,
could not get to the Domaine from the 192.168 network. Active Directory
freaked out on me to where I could not even access it it just kept saying
there was an error. It was like it was not seeing the
JEFF1.MYDOMAIN.LOCAL
server for some reason.
Any way I played with so many settings that I could think of from reading
the books or some articles i found on the web that i completely hosed it.
So I reformatted the drive and reloaded windows server and have left it
there before adding any roles or anything untill maybe I could get some
help
in understanding what settings I need to make and where. Like I said I
have
been searching found alot kind of referencing what I am trying to do but
as
of yet been able to find anything that kind of explains step by step or
shows examples of what the settings are suppossed to look like. Only
thing
I can figure out is this must be so easy that there does not need to be
any
explainations on the settings, but for the life of me I can not figure it
out.
So if anyone could kindly explain how/what to set this up or knows where
there is a pretty good detailed guide that I could follow I would
appreciate
it.
Thanks, Jeff
.
- Follow-Ups:
- Re: How to configure for Two different IP subnets
- From: Bill Grant
- Re: How to configure for Two different IP subnets
- From: Robert L [MVP - Networking]
- Re: How to configure for Two different IP subnets
- References:
- How to configure for Two different IP subnets
- From: Jeff
- Re: How to configure for Two different IP subnets
- From: Bill Grant
- Re: How to configure for Two different IP subnets
- From: Robert L [MVP - Networking]
- How to configure for Two different IP subnets
- Prev by Date: Re: Webinterface Routing??
- Next by Date: Re: How to configure for Two different IP subnets
- Previous by thread: Re: How to configure for Two different IP subnets
- Next by thread: Re: How to configure for Two different IP subnets
- Index(es):
Relevant Pages
|
