Re: Multihomed IP Addressing for RRAS VPN

Ah! I missed seeing that there was a Linksys box there.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------

"Bill Grant" <not.available@online> wrote in message
news:eJEFkEQFIHA.2268@xxxxxxxxxxxxxxxxxxxxxxx
If this machine in on a private LAN behind a router, it doesn't need
two NICs, so the question of what IP to give the second one does not come
into the equation.

You use two NICs if the server has a direct connection to the public
network, and it is obvious that one has a private IP and the other has a
public IP. The remote user connects to the public NIC and gains access to
the private LAN through VPN.

If the server is on a private LAN, the router is your public gateway
and any external users will have to connect to that. They cannot connect
to the VPN server which is on the private LAN.

You will need to set up your RRAS machine as a remote access server
with one NIC. You can test this config locally by connecting from a LAN
client to the server's private IP/name. (VPN works quite happily over your
local LAN). When this works, modify your gateway router/firewall to
forward VPN traffic to the server on the LAN. (This is tcp port 1723 for
PPTP). Now try connecting from a remote client to the gateway router's IP
address or public name.

PS. I hope that the RRAS server is not a DC. This may cause you
problems when a client does connct, because the server then becomes
multihomed (because it obtains a second IP for the internal interface
which is the tunnel endpoint).

"Anthony" <Anthony@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F4F08401-906F-4D47-B5DF-130289DD24E3@xxxxxxxxxxxxxxxx
Guys thanks for the help in advance.

I have a Server 2003 domain with one serving as a RRAS/VPN server. The
box
has two NICs. I have them as one private and the other connecting to a
linksys router with Port 1723 forwarded.

My question is should the Private and Public addresses be on different
subnets?

My setup is Public Nic1 IP 10.0.0.1 Private Nic 2 IP 10.0.0.2 The
Router's Lan address is 10.0.0.20. The The public NIC is configured with
default gateway of 10.0.0.20.

Is there a way to verify the connection on the local lan or would
verification have to be done remotely from the Internet?

Any advice would be greatly appreciated.




.

Relevant Pages

  • Re: ISA 2004 setup fails on brand new SBS 2003 Premium installatio
    ... It will assist you in changing the SBS LAN NIC IP. ... How to configure Internet access in Windows Small Business Server 2003 ... how to use CEICW (Confgiure Email and Internet Connection Wizard) ... Nics in server attached to LAN switch in the 192.168.0.1-255 range ...
    (microsoft.public.windows.server.sbs)
  • Re: Win2K RRAS/VPN Help
    ... having two NICs in the same IP subnet is a bad idea (especially ... Your server will still ... machines are using the Linksys as their default gateway they can all plug ... LAN clients would use the server's LAN NIC as their default gateway, ...
    (microsoft.public.win2000.ras_routing)
  • Re: Client cannot connect to SBS2003
    ... I noticed that both NICs (internal LAN on the Server and NIC on ... LAN NIC and the LAN cable was plugged into the WAN NIC. ... >> Did you run the Internet and Email Wizard in Server Management Console? ...
    (microsoft.public.backoffice.smallbiz)
  • Re: NIC switch on SBS2003 SP1
    ... Updated the WINS server on the NIC setup ... Enabled Client for Microsoft Networks on LAN NIC ... I needed to leave DHCP on the router as my wireless ... You can rename the NICs to reflect their new role. ...
    (microsoft.public.windows.server.sbs)
  • Re: Dual-Network Card VPN Server?
    ... > You should not have two NICs in the same IP subnet. ... > the same subnet as your LAN machines, you only need one NIC in the server. ... >> set up VPN. ...
    (microsoft.public.windows.server.networking)