Re: W2003 VPN Setup

Ok...

I've set the second adapter to 10.0.0.12 without a gateway and it's
connected. The primary and external nic is set to 10.0.0.11 and
mapped externally with the firewall as the gateway. So I need to add
a route? To where for what?

Do I route the second interface to the first? So would I add a route
to the second interface (10.0.0.12) with a destination to the first?
(10.0.0.11)

Thanks!



On 30 Apr 2007 12:43:42 -0700, RC <RichChristy@xxxxxxxxx> wrote:

On Apr 30, 3:18 pm, Tom wilson <yeahri...@xxxxxxxxxx> wrote:
I'm entirely confused by VPN setups. I'm reading through the MS
documents on it but they don't address certain things. A history:

I have a clean W2003 box with 2 nics. One is currently configured as
10.0.0.11 (our DMZ), mapped through our hardware firewall as a public
IP; ie. 207.81.101.11. I believe this is what will accept incoming
VPN connections. Now the MS document seems to indicate the other
adapter should have an internal address. This is where the problem
comes in. Since we have a hardware firewall doing IP mapping, that
would mean both adapters would have internal addresses. I've tried
this and it freaks, telling me I can't have 2 identical gateways.

I ran the RAS setup for VPN and the second adapter is telling me there
is no or limited connectivity. It has a wierd IP address but the
gateway and DNS servers are empty.

Any document from MS assumes I'm not running a hardware firewall and
doesn't apply. Can anyone clear up what I'm supposed to do in this
situation?

Thanks!

You need to set the "external nic" with all of its settings, ie: ip,
subnet mask, default gateway, etc. and set the other nice with just
IP, SM, DNS and leave the DG blank. create a persistant route on the
server that points back to the LAN DG. you can use either routing and
remote access in the vpn setup to accomplish this or you can pull up a
command prompt and setup a persistant route this way "route add"

.

Relevant Pages

  • Re: Changing the NAT IP on demand?
    ... the default route on the FreeBSD gateway whenever an event tells it ... The concern here is to keep currently-stablished connections alive, ... being used as the default route. ... gets too large (over tens of thousands of static routes). ...
    (freebsd-hackers)
  • Re: VPN and remote gateway
    ... > It seems you use the wrong route add command. ... > when the VPN connection is established. ... > | using the remote network as my gateway. ...
    (microsoft.public.windows.server.sbs)
  • Re: Persistent Route ignored on W2K when destination network is unavailable
    ... a global setting like the gateway to a particular subnet should be set ... this network access the internet via a NAT firewall (connected to ... via a WAN link. ... route on the Cisco firewall so that any traffic to the internet gets ...
    (microsoft.public.win2000.networking)
  • Re: Multihomed Server with 2 Internet Connections
    ... Phillip - Thanks for the feedback. ... years with Windows 2000, and now doesn't work in Windows 2003. ... If you want redundant connections then bring both connections into the same ... 128978 - Dead Gateway Detection in TCP/IP for Windows NT ...
    (microsoft.public.windows.server.networking)
  • Re: How to *ENABLE* icmp redirect on windows xp workstation ?
    ... > I'm using DHCP on the LAN and point default gateway to the internat ... > and the internet gateway forward the packet to innernet gateway. ... it sounds like a static route configured in your ...
    (microsoft.public.windows.server.networking)