HELP ME VPN SERVER SETUP ON WIN2K SERVER

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I Have a W2K server with 2 NICS it has DHCP DNS ect running and serves to
win98 and XP clients using static IP adresses from 192.168.0.1 - 192.168.0.25
on utp cable connected via a switch. All clients access the internet through
an ADSL Router set up on 192.168.0.100 and all is well. I have recently
installed the second NIC on my server and both NICs are on 192.168.0.1 &
192.168.0.2 respectfully. I have an IP adress given to me by my internet
provider but at this point I have run out of steam. I have tried connecting
the router directly onto NIC 192.168.0.2 and running RAS/Routing setup but as
soon as I do this the whole network goes down so I have to retrace my steps
so that every one can keep working. I can access the Admin part of my router
easily from my remote home computer using the IP adress given me by my IP
provider so I think I have all the components in place. Would any one be good
enough to help me set up my windows 200 server as a vpn server in an easy to
follow manner as I cannot seem to relate the microsoft white papers that I
have found directly to my issue. Thankyou in anticipation

leigh(got to take this out)@davidchristopher.co.uk
 
quoted from http://howtonetworking.com.
Case Study – RRAS with 2 NICs messes up whole system



Situation: A company just upgraded their peer to peer network to domain network. They installed Windows Server 2003 with one NIC as Domain Controller, DHCP and DNS server. All computers access the Internet through a router.



Problem: They added another NIC to enable RRAS for VPN access. As soon as they enabled the RRAS, the no computers could not access the server and the Internet.



Troubleshooting:



The result of ipconfig /all they sent to us displays the two NICs are in the same IP range, 192.168.1.2 and 192.168.1.3.



Resolution: 1. They should not install two NICs on a DC.

2. Those two NICs should not be in the same IP range.

3. Since they already have a router, they don’t need to install the 2nd NIC for the VPN access.

4. If they do want use the Windows server as a router, they should assign a different IP range (for example, 172.16.1.1) to the 2nd NIC .



Don't send e-mail or reply to me except you need consulting services. Posting on MS newsgroup will benefit all readers and you may get more help.

Bob Lin, MS-MVP, MCSE & CNE
How to Setup Windows, Network, Remote Access on http://www.HowToNetworking.com
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
This posting is provided "AS IS" with no warranties.
I recommend Brinkster for web hosting!

I Have a W2K server with 2 NICS it has DHCP DNS ect running and serves to
win98 and XP clients using static IP adresses from 192.168.0.1 - 192.168.0.25
on utp cable connected via a switch. All clients access the internet through
an ADSL Router set up on 192.168.0.100 and all is well. I have recently
installed the second NIC on my server and both NICs are on 192.168.0.1 &
192.168.0.2 respectfully. I have an IP adress given to me by my internet
provider but at this point I have run out of steam. I have tried connecting
the router directly onto NIC 192.168.0.2 and running RAS/Routing setup but as
soon as I do this the whole network goes down so I have to retrace my steps
so that every one can keep working. I can access the Admin part of my router
easily from my remote home computer using the IP adress given me by my IP
provider so I think I have all the components in place. Would any one be good
enough to help me set up my windows 200 server as a vpn server in an easy to
follow manner as I cannot seem to relate the microsoft white papers that I
have found directly to my issue. Thankyou in anticipation

leigh(got to take this out)@davidchristopher.co.uk
 
It really depends on what you want the final setup to look like. There
are really only three scenarios that make much sense.

1. Leave the hardware router as the gateway of the LAN, and leave the
server as a LAN machine with one NIC.

2. Make the server the gateway of your LAN. In that case, the router is
not connected to the LAN. It connects only to the "public" interface of the
server (on a different subnet from the LAN interface).

3. Throw away the router and put the server where the router used to be.

Both 1 and 2 above require using port forwarding on the router to get
the VPN traffic to the server.
 
Fantastic
I got it working using option 1 thankyou very much

Next problem is I cannot see the network I am connecting to but I can
connect to all resources availabe provided I know its location.

How can I browse the LAN im connecting to as if I was on a wired LAN client
 
Browsing (Network Neighborhood or Network Places) usually doesn't work.
The computer browser software uses Netbios names and LAN broadcasts to build
the browse list. The VPN link doesn't carry broadcasts, so this fails across
a VPN link. You should be able to see shares using net view \\servername .
 
I always find my problem to be expecting too much of windows. Once again
thankyou for your help net view works well

One last item that I would like clarified is

Having got everything working but using 1MB/512kb ADSL connections at both
ends the whole shooting match seems to be very slow. I was expecting to be
able to run an application over the connection and I have accomplished this
using a mapped drive to the server but it takes ages for the program to react
to commands inputted remotely. Is this typical of a VPN connection or can I
tweek things a little
 
Yes, it will be slow. You have the overhead of encypting/encapsulating
every packet before it is sent, then decrypting/unencapsulating when it is
received. And you can only use the 512kb of the ADSL link because it is not
a download.

If you find that it is so slow that things time out, you may need to use
RDP or Terminal Services. Then the app runs on the server, and only the
video/keyboard/mouse data has to cross the VPN.
 
THANK YOU

Bill you have been most helpful in expanding my understanding of this issue,
very clear and easy to understand.

Best Regards to You
 
Back
Top