Change IP Pool in RRAS

  • Thread starter Thread starter IT-BOY
  • Start date Start date
I

IT-BOY

Our Structure as below.
1. Win2000 RRAS Server locate on win 2000 AD Server
2. RRAS Server use AD Server DHCP server IP address ( 192.168.1.x)
3. Exchange Server locate same AD server IP address (192.168.1.5)
4. VPN client via PPTP dail in to RRSA server using outlook sync mail data.

New Structure as below.
1. RRAS Server locate on AD server no change.
2. Assign special IP pool ( 10.10.100.0 - 10.10.100.30) to RRAS server,
disable using internal DHCP server IP address.
3. Exchange Server IP address no change
4. VPN client via PPTP dial in to RRAS Server with get 10.10.100.x IP
address.

My question as below.
- How to change new IP Pool in exisiting RRAS Server.
- How to setup the IP routing in RRAS as VPN client still connect to
Exchange server sync message.
- I have try only change the RRAS server IP Pool, but afterr our exchange
server services does not work.

Please advice and help.

IT IT
 
1. Open RRAS, right-click on the RRAS server>Properties>IP. You will have two options, DHCP and Static address pool.
2. If you check LAND and demand-dial routing, that should route to the LAN.
3. If you can ping the exchange IP, I would check the DNS or WINS first.

Computer browser over VPN Computer browsing over VPN involves routers, multiple segments and ... Alternatively, it is possible to browse over VPN by using LMHOSTS files on all VPN ...
www.howtonetworking.com/VPN/browsingovervpn0.htm


How to setup VPN
You will have two options, DHCP and Static address pool. How to schedule to connect and disconnect a VPN. You can use rasdial command plus scheduler. ...
www.howtonetworking.com/Windows/vpnsetup.htm




Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
Our Structure as below.
1. Win2000 RRAS Server locate on win 2000 AD Server
2. RRAS Server use AD Server DHCP server IP address ( 192.168.1.x)
3. Exchange Server locate same AD server IP address (192.168.1.5)
4. VPN client via PPTP dail in to RRSA server using outlook sync mail data.

New Structure as below.
1. RRAS Server locate on AD server no change.
2. Assign special IP pool ( 10.10.100.0 - 10.10.100.30) to RRAS server,
disable using internal DHCP server IP address.
3. Exchange Server IP address no change
4. VPN client via PPTP dial in to RRAS Server with get 10.10.100.x IP
address.

My question as below.
- How to change new IP Pool in exisiting RRAS Server.
- How to setup the IP routing in RRAS as VPN client still connect to
Exchange server sync message.
- I have try only change the RRAS server IP Pool, but afterr our exchange
server services does not work.

Please advice and help.

IT IT
 
To expand on what Robert has said, it makes more sense if you realise
what is happening. When the remotes are in the same IP subnet as the LAN, no
real routing takes place. The server acts as a proxy for the remotes, so
that the appear to be on the LAN.

If you use a static pool in a different subnet, this doesn't happen. The
remote clients and the server's internal interface are in their own subnet.
You need to enable IP routing on the RRAS server (as Bob pointed out). But
that may not be enough. It will work if the RRAS server is the default
gateway for the LAN. If it isn't, you will need extra routing to get the
traffic for the remotes to the RRAS server. (For example if the default
gateway is an Internet router, the remote traffic will be lost. You need to
redirect it to the RRAS server to be encrypted and encapsulated before it
goes out to the Internet with a public IP destination address).

You will also need to check that name resolution works across the router
(just as you would across any LAN router).
 
can you advice details information .

IT
To expand on what Robert has said, it makes more sense if you realise
what is happening. When the remotes are in the same IP subnet as the LAN, no
real routing takes place. The server acts as a proxy for the remotes, so
that the appear to be on the LAN.

If you use a static pool in a different subnet, this doesn't happen. The
remote clients and the server's internal interface are in their own subnet.
You need to enable IP routing on the RRAS server (as Bob pointed out). But
that may not be enough. It will work if the RRAS server is the default
gateway for the LAN. If it isn't, you will need extra routing to get the
traffic for the remotes to the RRAS server. (For example if the default
gateway is an Internet router, the remote traffic will be lost. You need to
redirect it to the RRAS server to be encrypted and encapsulated before it
goes out to the Internet with a public IP destination address).

You will also need to check that name resolution works across the router
(just as you would across any LAN router).
 
At point 3, why check the DNS or WINS first, is need add the new RRAS IP pool in the AD DNS or WINS...

Please advice.

it
1. Open RRAS, right-click on the RRAS server>Properties>IP. You will have two options, DHCP and Static address pool.
2. If you check LAND and demand-dial routing, that should route to the LAN.
3. If you can ping the exchange IP, I would check the DNS or WINS first.

Computer browser over VPN Computer browsing over VPN involves routers, multiple segments and ... Alternatively, it is possible to browse over VPN by using LMHOSTS files on all VPN ...
www.howtonetworking.com/VPN/browsingovervpn0.htm


How to setup VPN
You will have two options, DHCP and Static address pool. How to schedule to connect and disconnect a VPN. You can use rasdial command plus scheduler. ...
www.howtonetworking.com/Windows/vpnsetup.htm




Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
Our Structure as below.
1. Win2000 RRAS Server locate on win 2000 AD Server
2. RRAS Server use AD Server DHCP server IP address ( 192.168.1.x)
3. Exchange Server locate same AD server IP address (192.168.1.5)
4. VPN client via PPTP dail in to RRSA server using outlook sync mail data.

New Structure as below.
1. RRAS Server locate on AD server no change.
2. Assign special IP pool ( 10.10.100.0 - 10.10.100.30) to RRAS server,
disable using internal DHCP server IP address.
3. Exchange Server IP address no change
4. VPN client via PPTP dial in to RRAS Server with get 10.10.100.x IP
address.

My question as below.
- How to change new IP Pool in exisiting RRAS Server.
- How to setup the IP routing in RRAS as VPN client still connect to
Exchange server sync message.
- I have try only change the RRAS server IP Pool, but afterr our exchange
server services does not work.

Please advice and help.

IT IT
 
When you put the remotes in a different IP subnet, they cannot see the
LAN machines without routing. So the first step is to enable IP routing on
the server. You do this by configuring RRAS as a LAN router.

Routing will then automatically work if the RRAS server is the default
gateway for the LAN. If it is not, the traffic for 10.10.100 will go to the
default gateway and be lost. It must go the the RRAS server first.

To make that happen you would need to add a static route to the gateway
router to send traffic for 10.10.100.x to the RRAS router. eg

10.10.100.0 255.255.255.0 192.168.1.n

where 192.168.1.n is the IP address of the RRAS server. The RRAS server
will then forward the traffic to the client over the VPN link.

When you have done this, you should be able to ping a machine on the
192.168.1 LAN from a remote client using its IP address. If you can ping by
IP but not by name, check your DNS and/or WINS setup. It is a name
resolution problem, not a routing problem.
 
Thanks information.
But I have a question when I setup the statics route.
My step as below.
1. Static Route
2. Interface, Select Network Card for LAN connection.
3. Denstination : 101.10.100.0
4. Network Mask: 255.255.255.0
5. Gateway : 192.168.1.n
6. Metic: 1

- When I click apply , it show network mask wrong, please advice.
- After change this setting, is need change the IP address Pool in W2K
Server.

Thanks
Jackie Wong
When you put the remotes in a different IP subnet, they cannot see the
LAN machines without routing. So the first step is to enable IP routing on
the server. You do this by configuring RRAS as a LAN router.

Routing will then automatically work if the RRAS server is the default
gateway for the LAN. If it is not, the traffic for 10.10.100 will go to the
default gateway and be lost. It must go the the RRAS server first.

To make that happen you would need to add a static route to the gateway
router to send traffic for 10.10.100.x to the RRAS router. eg

10.10.100.0 255.255.255.0 192.168.1.n

where 192.168.1.n is the IP address of the RRAS server. The RRAS server
will then forward the traffic to the client over the VPN link.

When you have done this, you should be able to ping a machine on the
192.168.1 LAN from a remote client using its IP address. If you can ping by
IP but not by name, check your DNS and/or WINS setup. It is a name
resolution problem, not a routing problem.
 
Where are you trying to set up this static route? It does not go on the
RRAS server. It has to go on the gateway router of the 192.168.1.0 network.
And you will need to use the actual IP address of the RRAS router, not
192.168.1.n .
 
I have in RRAS server IP routing | Statics Route create new statics route.
You mean gateway router is our firewall . current i useing NAT forward port
to internal RRAS VPN server. Also the actual ip address is 10.10.100.0 rang
IP address. Please advice

Thanks
ITIT

Where are you trying to set up this static route? It does not go on the
RRAS server. It has to go on the gateway router of the 192.168.1.0 network.
And you will need to use the actual IP address of the RRAS router, not
192.168.1.n .
 
Is need enable the RRAS server with LAN router only mode after change the
setup , please advice.

Thank
itit
I have in RRAS server IP routing | Statics Route create new statics route.
You mean gateway router is our firewall . current i useing NAT forward port
to internal RRAS VPN server. Also the actual ip address is 10.10.100.0 rang
IP address. Please advice

Thanks
ITIT

Where are you trying to set up this static route? It does not go on the
RRAS server. It has to go on the gateway router of the 192.168.1.0 network.
And you will need to use the actual IP address of the RRAS router, not
192.168.1.n .
 
Hi Bill, can you advice me more information with my question. 1000000 Thanks
your help.
J
Is need enable the RRAS server with LAN router only mode after change the
setup , please advice.

Thank
itit
I have in RRAS server IP routing | Statics Route create new statics route.
You mean gateway router is our firewall . current i useing NAT forward port
to internal RRAS VPN server. Also the actual ip address is 10.10.100.0 rang
IP address. Please advice

Thanks
ITIT

Where are you trying to set up this static route? It does not go on the
RRAS server. It has to go on the gateway router of the 192.168.1.0 network.
And you will need to use the actual IP address of the RRAS router, not
192.168.1.n .
 
I can't see any point. There is no evidence to suggest you have read or
understood the previous ones.
 
If you do not know how IP routing works, you are better off leaving the
remotes in the same IP subnet as the LAN.

If you put the remotes in their own subnet, things will not work unless
you know how to route between subnets.
 
Thanks you information. I know set to same subnet is better solution, as
network structure change, so I need change the network config as my need.

Thanks
Jackie Wong

If you do not know how IP routing works, you are better off leaving the
remotes in the same IP subnet as the LAN.

If you put the remotes in their own subnet, things will not work unless
you know how to route between subnets.
 
Back
Top