S
Scott McGillivray
Hi,
I'm running a w2k3 RRAS server (VPN only, no dial-up), 1 interface
(123.123.123.123) on the Internet and the second one (10.1.10.240) on
a protected LAN. The Protected LAN is connected to my office LAN
(10.0.0.0/24) via a private link & router (10.1.10.1). The protected
LAN has no direct access to the Internet, and the RRAS server is used
only for remote access. Ip addresses are assigned to RAS clients by
the RRAS server from a pool.
So, because the protected LAN does not have access to the Internet I
can't make this connection the default gateway. If I do, traffic
to/from the "inside" networks routes correctly, but no access to the
Internet in general works, since it gets routed through the RAS
connection.
Since this is not the default gateway, the clients can connect to
resources on the protected LAN (10.1.10.x) becasue they are issued an
IP on the same subnet. However, they are unable to connect to the
office LAN because the default gateway is whatever their local machine
has specified.
I'm creating a custom connection profile using the CMAK, so it's
possible to add a static route statement to be run after the
connection is made. The problem is that in order to provide a route
with a gateway of 10.1.10.1 I need to specify the interface in the
route statement. A typical one would look like this:
ADD 10.0.0.0 MASK 255.255.255.0 10.1.10.1 METRIC default IF 0x20004
The interface number is provided/generated when the RAS connection is
made and it can be different on every machine that connects, depending
on the hardware and OS. I can't specify "default" for the Interface,
because that's the "real" interface in the client machine and has a
different IP/subnet.
So, the question is: how do I get a route dynamically assigned to
clients so that they are able to connect to the office LAN? If there
was some way I could use a script to grab the interface index and plug
it into a route statement, I would do that. I just have no idea how
to get a script to retrieve that info and plug it into a route
statement.
I'm sure I can't be the first one to have this problem. Has anybody
reading this run into the same thing? How is it solved? Please don't
refer to KB 254231, since it offers no help in this situation. I
already looked.
Please copy my email address on any replies.
Thanks for the help,
Scott
I'm running a w2k3 RRAS server (VPN only, no dial-up), 1 interface
(123.123.123.123) on the Internet and the second one (10.1.10.240) on
a protected LAN. The Protected LAN is connected to my office LAN
(10.0.0.0/24) via a private link & router (10.1.10.1). The protected
LAN has no direct access to the Internet, and the RRAS server is used
only for remote access. Ip addresses are assigned to RAS clients by
the RRAS server from a pool.
So, because the protected LAN does not have access to the Internet I
can't make this connection the default gateway. If I do, traffic
to/from the "inside" networks routes correctly, but no access to the
Internet in general works, since it gets routed through the RAS
connection.
Since this is not the default gateway, the clients can connect to
resources on the protected LAN (10.1.10.x) becasue they are issued an
IP on the same subnet. However, they are unable to connect to the
office LAN because the default gateway is whatever their local machine
has specified.
I'm creating a custom connection profile using the CMAK, so it's
possible to add a static route statement to be run after the
connection is made. The problem is that in order to provide a route
with a gateway of 10.1.10.1 I need to specify the interface in the
route statement. A typical one would look like this:
ADD 10.0.0.0 MASK 255.255.255.0 10.1.10.1 METRIC default IF 0x20004
The interface number is provided/generated when the RAS connection is
made and it can be different on every machine that connects, depending
on the hardware and OS. I can't specify "default" for the Interface,
because that's the "real" interface in the client machine and has a
different IP/subnet.
So, the question is: how do I get a route dynamically assigned to
clients so that they are able to connect to the office LAN? If there
was some way I could use a script to grab the interface index and plug
it into a route statement, I would do that. I just have no idea how
to get a script to retrieve that info and plug it into a route
statement.
I'm sure I can't be the first one to have this problem. Has anybody
reading this run into the same thing? How is it solved? Please don't
refer to KB 254231, since it offers no help in this situation. I
already looked.
Please copy my email address on any replies.
Thanks for the help,
Scott