configuring a VPN into home

[Loz]

Hi,

Wondering if someone could shed some light.
I am trying to configure a vpn connection into home but am getting a
bit stuck on the NAT/routing side of it.
I have the following:
Static IP address from ISP
ADSL Router connected to windows 2003 server running RRAS
I specifically want to use RRAS

The part I am stuck with is trying to configure the routing table.
I know that the incoming IP address needs to be translated but am not
sure whether this should be done on the ADSL router in the routing
table or on NAT on the RRAS server.
Any step by step guides would be much appreciated.
Basically just want to know how I get my setup so that I can connect
into the network via vpn and get onto the server.
I'm also getting a bit confused as router is currently acting as DHCP
server whereas I want one DHCP server on the network - ie the 2003
server.
I'm concerned that if I try this my internet connection is going to
fall over.
I seem to have already lost connection to the internet the moment I
enable RRAS on the server.

Thanks to anyone who can help.

Loz

 

[Bill Grant]

You do not have to make any changes to NAT on the RRAS server to enable
this. Remote access is quite separate from the NAT routing function. When a
remote client connects to the server by VPN it has a private IP address and
appears to be inside the NAT router. You may have to make changes to the
ADSL router to get the VPN data through to the RRAS router from the
Internet.

If you use the default option, the RRAS server should lease a batch of
IP addresses from the DHCP server on the LAN. It will use those addresses
for its address pool for remote connections. Do not confuse this with the
address pool in NAT.

If you have lost Internet connection I suspect you have set up your
server using the wrong option in the wizard. This usually happens if you
configure it as a VPN ONLY server. This sets up filters to block all traffic
except VPN.

I would suggest that you simply enable remote access on the RRAS server.
You can test the setup by making a VPN connection locally from a LAN client.

When that works, you can look at the Internet connection situation. Does
your RRAS server have a "real" public IP address (which can be accessed
directly from the Internet)? If not, you will need to connect to the ADSL
router's public IP and use port forwarding to extend the VPN connection to
the RRAS server.

 

[Loz]

Thanks Bill,

So what I need to do is set port forwarding on the ADSL router to
forward requests coming in on my Public IP address to my RRAS server
and that is it as far as that goes.
Then I have to enable Remote access on my RAS server.

I am still a bit vague about the DHCP service. My RRAS server is also
my DHCP server and is dishing out IP addresses to my LAN. The IP
addresses getting dished out by my ADSL router are of a different IP
schema. I think I am complicating the issue by having a wireless router
connected to my ADSL router.
The reason this is connected to the router is because my server is not
in the same room as my ADSL point. I've put wireless in so that my
server can pick up the internet connection via the wireless access
point to avoid having to get a point fitted in my office.
It is giving out one set of IP addresses to all my wireless devices but
I guess it should be the DHCP server that is dishing these out.
I only have one port on my ADSL router so this is making life a bit
difficult too.
I would ideally like to have one IP schema on my network and have the
wireless devices picking up IP addresses from the DHCP server not the
ADSL router.
Would this involve connecting the wireless access point to the server
rather than the router or do you know of a way I can get this to work
with the current setup.