Re: PPPoE vs Double-NAT?
- From: "Frank McCallister SBS MVP" <anonymous>
- Date: Tue, 14 Jun 2005 22:17:02 -0500
Hooking the server NIC directly to the modem using PPPoE is usually
problematic due to timing issues on server restarts. I would hook an
inexpensive DLink or Linksys between the Westell and the external NIC to
maintain a constant connection and a private IP on the external NIC.
--
Frank McCallister SBS MVP
COMPUMAC
"ckennylin" <ckennylin@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:443C6AE3-185F-41B1-97A5-AD30396CEC41@xxxxxxxxxxxxxxxx
> Hi Frank:
>
> Thanks for the quick response, and your preference is the consensus best
> practice. However, whether the Home-SBS's external NIC is static or
> dynamic,
> I still have the same problem with running RWW-RDP to the Work-SBS from
> the
> Home-PC. On the Westell DSL Modem/Router that I use, there is an option
> called "IP Passthrough" which gives the Home-SBS's external interface the
> public IP (a DMZ-like setting), but that didn't do much for this problem.
>
> On the Home-PC, I run a netstat when attempting to connect to the RDP
> session and see that it's sending SYN to port 4125 before the attempt
> fails.
> This I am allowing 4125 on the Home-SBS's ISA packet filter, and I do not
> see
> any entries in the ISA Logs.
>
> The Home-SBS CAN run the RWW-RDP session however, and shutting the 4125
> filter will make the session fail, so from the perspective of Home-SBS,
> everything is cool.
>
> I hesitate to repeat this experiment with SP1 :-). Alternatively, is
> there
> any way to have the server automatically bring up the PPPoE connection
> upon
> boot?
>
> ---K
>
> "Frank McCallister SBS MVP" wrote:
>
>> My preference is PPPoE with the External NIC Static on the Router's LAN
>> Subnet with DHCP disabled. ie if Router LAN is 192.168.1.1 I set the NIC
>> to
>> 192.168.1.2 and then Port forward the ports I want to that IP
>>
>> --
>> Frank McCallister SBS MVP
>> COMPUMAC
>> "ckennylin" <ckennylin@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:0F020DC2-81C5-4312-A618-92FE355958A2@xxxxxxxxxxxxxxxx
>> > Hi All:
>> >
>> > I have an SBS 2003 Premium server that I need to relocate and reconnect
>> > to
>> > the Internet. It currently has 2 nics with a public and private IP
>> > address,
>> > and its internet connection is a DSL router, with multiple public IPs
>> > and
>> > a
>> > gateway. I'm running ISA as well as some basic packet filters on the
>> > router
>> > for security.
>> >
>> > The new location will have DSL as well, with a DSL router that can be
>> > reconfigured as a bridge. It will have a static public IP, but that
>> > will
>> > be
>> > assigned upon PPPoE authentication.
>> >
>> > From what I've been able to gather from the newsgroup and various MVP
>> > sites,
>> > the accepted best practice is to do a double-NAT i.e. have the router
>> > establish & maintain the PPPoE link, and let the SBS's external adapter
>> > pick
>> > up a DHCP address from the router.
>> >
>> > As a dry run, I tried doing that at my DSL connection at home with an
>> > SBS
>> > box (Action Pack, Yay!) and ran into some weird behavior when running
>> > RWW.
>> > To make the rest of this post easier to decipher, here's the entire
>> > chain
>> > of
>> > machines:
>> >
>> > HPC -> HSBS -> DSL -> Internet -> DSL -> WSBS -> WTS
>> >
>> > Where:
>> >
>> > HPC = Home client PC
>> > HSBS = Home SBS Server
>> > WSBS = Work SBS Server
>> > WTS = Work Term Server
>> >
>> > Note the Work SBS network hasn't changed yet, and it has a public IP
>> > address
>> > on the external interface. ISA is running on both SBSs.
>> >
>> > * Scenario 1: Best Practices using double-NAT on HSBS
>> >
>> > On the HSBS, I can remote into WSBS via RWW and run a RDP session on
>> > WTS.
>> >
>> > On the HPC, I can remote into WSBS via RWW, but CANNOT run the RDP
>> > session.
>> > It made no difference whether the HC is a SecureNAT or Firewall Client.
>> >
>> > * Scenario 2: Configuring the DSL Router as a Bridge, and using CEICW
>> > to
>> > create a PPPoE Connection on HSBS
>> >
>> > On both HSBS and HPC, RWW to WSBS/WTS runs as expected.
>> >
>> > The downside with Scenario 2 is that if HSBS gets rebooted, I will need
>> > to
>> > MANUALLY log in to re-establish the DSL connection, unless I'm missing
>> > something silly.
>> >
>> > So before I relocate the WSBS to the new location, I'm looking for the
>> > best
>> > way to keep the remaining hair on my head. If I can get RWW/RDP to run
>> > on
>> > the HPC with Double-NAT, I'd be really happy. Otherwise, I'm forced to
>> > consider running PPPoE on my server, and hope the server doesn't reboot
>> > at
>> > some inconvenient time.
>> >
>> > Thanks!
>> >
>> > ---K
>> >
>>
>>
>>