PPPoE vs Double-NAT?
- From: ckennylin <ckennylin@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 14 Jun 2005 11:51:07 -0700
Hi All:
I have an SBS 2003 Premium server that I need to relocate and reconnect to
the Internet. It currently has 2 nics with a public and private IP address,
and its internet connection is a DSL router, with multiple public IPs and a
gateway. I'm running ISA as well as some basic packet filters on the router
for security.
The new location will have DSL as well, with a DSL router that can be
reconfigured as a bridge. It will have a static public IP, but that will be
assigned upon PPPoE authentication.
>From what I've been able to gather from the newsgroup and various MVP sites,
the accepted best practice is to do a double-NAT i.e. have the router
establish & maintain the PPPoE link, and let the SBS's external adapter pick
up a DHCP address from the router.
As a dry run, I tried doing that at my DSL connection at home with an SBS
box (Action Pack, Yay!) and ran into some weird behavior when running RWW.
To make the rest of this post easier to decipher, here's the entire chain of
machines:
HPC -> HSBS -> DSL -> Internet -> DSL -> WSBS -> WTS
Where:
HPC = Home client PC
HSBS = Home SBS Server
WSBS = Work SBS Server
WTS = Work Term Server
Note the Work SBS network hasn't changed yet, and it has a public IP address
on the external interface. ISA is running on both SBSs.
* Scenario 1: Best Practices using double-NAT on HSBS
On the HSBS, I can remote into WSBS via RWW and run a RDP session on WTS.
On the HPC, I can remote into WSBS via RWW, but CANNOT run the RDP session.
It made no difference whether the HC is a SecureNAT or Firewall Client.
* Scenario 2: Configuring the DSL Router as a Bridge, and using CEICW to
create a PPPoE Connection on HSBS
On both HSBS and HPC, RWW to WSBS/WTS runs as expected.
The downside with Scenario 2 is that if HSBS gets rebooted, I will need to
MANUALLY log in to re-establish the DSL connection, unless I'm missing
something silly.
So before I relocate the WSBS to the new location, I'm looking for the best
way to keep the remaining hair on my head. If I can get RWW/RDP to run on
the HPC with Double-NAT, I'd be really happy. Otheriwse, I'm forced to
consider running PPPoE on my server, and hope the server doesn't reboot at
some inconvenient time.
Thanks!
---K
.
- Follow-Ups:
- Re: PPPoE vs Double-NAT?
- From: Frank McCallister SBS MVP
- Re: PPPoE vs Double-NAT?
- Prev by Date: Re: Need to set users as local administrators to run some programs?
- Next by Date: Asset Management
- Previous by thread: Ping 192.168.16.255 question
- Next by thread: Re: PPPoE vs Double-NAT?
- Index(es):
Relevant Pages
|
Loading
