how to setup a domain controller to share its net connectivity?

[Leon]

I've read ICS is not the right solution to share internet access through a
network if using a server which has DNS and DHCP already installed.

So what else can be done?

 

[Marina Roos]

How do you connect to the internet? Do you have a router? Than connect that
to a 2nd nic.

Marina

 

[Doug Sherman [MVP]]

Use Routing and Remote Access.

Doug Sherman
MCSE Win2k/NT4.0, MCSA, MCP+I, MVP

 

[Paul Antony]

If you're running Windows 2000 Advanced Server
Install 'Routing and Remote Access' from the 'Add/Remove
Windows Components'. Then enable NAT on Routing and
Remote Access. To do this you just type NAT in the windows
2000 help and it has procedures to configure NAT on
Routing and Remote Access. Usually takes about 10 minutes
to configure NAT. But when routing and remote access is
enabled, by default all ports are blocked from the
internet except the VPN ports. So you have to manually
enable a lot of ports on your public interface in RRAS
including http, ftp, etc., etc.,

Paul

 

[Leon]

Thx Paul,

I thought RRAS was the solution, just wanted to make sure.
Will it a go and see how I get on.

Thx

 

[Leon]

I have one client machine connecting to the server fine, with the DHCP
assigning it the internal IP address.

RRAS configured with NAT and both Internet/Private networking addapted
listed.

But the client machine is not able to achiene an internet connection, for i
nstance the browser, responds with the following error:
"Cannot find server or DNS Error"

The internal NIC (for LAN) has the IP of 192.168.0.1, subnet 255.255.255.0,
no gateway, and DNS set to the Domain Controllers IP address which is
running DNS/DHCP and the NIC connected to the Internet via the Router has
the ISP's details with the DNS servers in the forwarding tab and again the
Servers IP address is uses in the as the DNS entry for the 2nd NIC.

With all that said I have noticed a few errors in the Event Logs

-------------------------------
Event Type: Warning
Event Source: RemoteAccess
Event Category: None
Event ID: 20169
Date: 10/6/2003
Time: 11:49:34 AM
User: N/A
Computer: SERVER-2
Description:
Unable to contact a DHCP server. The Automatic Private IP Address
169.254.252.194 will be assigned to dial-in clients.

Clients may be unable to access resources on the network.
-------------------------------
Event Type: Warning
Event Source: ipnathlp
Event Category: None
Event ID: 30001
Date: 10/6/2003
Time: 1:00:21 PM
User: N/A
Computer: SERVER-2
Description:
The DHCP allocator was unable to check whether the IP address 192.168.0.94
is in use on the network for local IP address 192.168.0.1. This error may
indicate lack of support for address-resolution on the network, or an error
condition on the local machine. The data is the error code.
Data:
0000: 1f 00 00 00 ....
-------------------------------
Event Type: Error
Event Source: ipnathlp
Event Category: None
Event ID: 31002
Date: 10/6/2003
Time: 11:39:45 AM
User: N/A
Computer: SERVER-2
Description:
The DNS proxy agent was unable to bind to the IP address 192.168.0.1. This
error may indicate a problem with TCP/IP networking. The data is the error
code.
Data:
0000: 1d 27 00 00 .'..

 

[klync]

Hi,

You make sure the IP FORWARDING is enalbe. You will need to this in
Registry.

 

[Marina Roos]

In the RRAS configuration you can define if the RAS-clients should obtain an
IP from the DHCP-server and on which nic that should be. Point it to your
internal nic. An alternative is to set a static DHCP-pool for RAS-clients.

Marina

 

[Leon]

IP routing is enabled in RRAS, for the server properties under RRAS/IP tab.

IP forwarding is something I can't find, but you say to do this in the
registry, is this necessary?
Working with the registry can cause serious damage.

What would I need to do?

thx

 

[Leon]

Marina,

Thx for your reply.

I have RRAS configured to use DHCP to assign the client IP addresses, not
using the static address pool. The range is from 192.168.0.2 -
192.168.0.254

I have the setting ' Use the following adapter to obtain DHCP, DNS, and WINS
addresses for dial-up clients' set to Allow RAS to select adapter.

Although I have no remote users dialing in so this setting is not required
really.

One thing I have not configured is WINS, its running but not configured. Is
WINS a requiremnt for RAS to work?

On that note the client machines still can achieve net connectivity.

hmmm...

 

[Marina Roos]

Don't let RAS select the adapter. Make sure it is selecting the internal
nic.
RRAS is needed if you want remote access.
WINS is needed if you have W9x, ME or NT4 clients.

Marina