Help setting VPN (RRAS) on W2K Advanced Server behind a router.

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hello,

I currently want to setup my W2K Adv. Server as a VPN Server using RRAS.

From what i have read so far, the server machine has to have 2 ethernet
cards, on for the local network and one connected to the Internet.

The LAN ethernet must be assigned static IP's within the LAN (i.e
192.168.1.10) and the WAN ethernet must be given the public IP assigned by
the ISP. This is all clear to me.

But my case is a bit different. My W2K server is behind and ADSL
router-modem which is assigned a public IP from the ISP. Both ethernet cards
on the server are thus assigned private (LAN) IP's.

What should be the configuration of each ethernet card, assuming ETH1 should
be for the LAN and ETH2 should be for the WAN.

P.S. My network (LAN) has several machines which get their IP's from the
ADSL router. IP's are in the range of 192.168.1.xxx

Thank you in advanced.
 
In this case, the server can be just one NIC. This how to may help,

VPN SetupHow to setup VPN on w2k server with one NIC ... To setup a Windows 2000 server for VPN, open Routing and Remote Access console in the Administrative Tools ...
www.chicagotech.net/vpnsetup.htm


Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
Hello,

I currently want to setup my W2K Adv. Server as a VPN Server using RRAS.

From what i have read so far, the server machine has to have 2 ethernet
cards, on for the local network and one connected to the Internet.

The LAN ethernet must be assigned static IP's within the LAN (i.e
192.168.1.10) and the WAN ethernet must be given the public IP assigned by
the ISP. This is all clear to me.

But my case is a bit different. My W2K server is behind and ADSL
router-modem which is assigned a public IP from the ISP. Both ethernet cards
on the server are thus assigned private (LAN) IP's.

What should be the configuration of each ethernet card, assuming ETH1 should
be for the LAN and ETH2 should be for the WAN.

P.S. My network (LAN) has several machines which get their IP's from the
ADSL router. IP's are in the range of 192.168.1.xxx

Thank you in advanced.
 
Again, you don't need to have two NICs to setup RRAS/VPN if it is behind a router. If for some reasons, you must have multihomed server and enable NAT, you must configure it carefully, especially the routing and name resolution. Otherwise, you may have a connectivity issue.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
Hi,

I don't know about that howto. I am also in the same situation one server
that I want to use VPN with, multiple NIC but all behind a Nat router.

The mistake I made was to use the main server IP as the internet connect,
once I connected it threw everybody off the network.

Prior to this I tried another test on another server with a made up private
IP on one nic which wasn't even connected, and the server IP as the network
connection.
When I made the remote VPN connect I went straight to lan ip because my
router can handle the VPN directly and I was able to authenticate directly to
the server.

Without the remote access and routing setup on the server I can't do
anything, what setup should I use to get this working?

Regards,
mauro
 
OK, it is the time to create a how to with screen print. I just published it in How to setup Windows 2003 as VPN server with one NIC - http://www.howtonetworking.com/VPN/2003vpn11.htm

Please post back with the result or any comments on the how to.

Thanks.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
Hi Robert,

Thanks for confirming what I have been seeing.

The question is, HOW do you set it up then if during the configuration of
the RRAS it asks which NIC is the internet side? Is is okay to give the
other nic any IP and not even connecting it?
I have been searching for a step by step on how to set this up using one NIC
but can't find anything that completely describes the setup.

Any help would be appreciated, again Thanks for your time.

Regards,
Mauro
 
Mauro, when you say secure tunnel do you mean VPN...because VPN is a secure
tunnel. And if your router provides VPN server functionality then there is no
reason you should setup you Windows 2003 server as a VPN server.

Robert, is it possible you make a small HowTo for Win2K Adv Server as the
one you mentioned above?

Thank you very much for your help so far.
 
Hi,

Yes the router already provides a VPN tunnel, through a security
policy\certificate on the remote computers , all I want to do is setup a
remote access on the server and be able to login or authenticate after the
bootup and certificate activation so I can see the shared drives and other
resources.

Regards,
Mauro
 
Back
Top