Interface Question

[The Ricster]

My VPN server has only one nic card installed. Why are the
Loopback and Internal interfaces listed in RRAS, and how
are they used. Should not my active interface be the nic,
although when installing, I got the message that the
interface should be only used for ras? (which would mean
that I could not see the rest of my lan).

Please help (since I cant seem to get any replies to my
other more important posts!

 

[Bill Grant]

The internal interface is used as the endpoint for a remote connection.
When a remote client connects, the server acquires an IP address from the
address pool to be the server end of the point to point connection. When a
remote client connects, the internal interface becomes active and is the
"virtual" interface for the remote connection.

Traffic between this interface and the LAN interface is controlled by
the server. If the remote client and the LAN machines are in different IP
subnets, traffic is routed between them by the RRAS server. If they are in
the same IP subnet, the server acts as a proxy for the remote machine and
relays traffic onto the LAN. It receives LAN replies addressed to the client
(using proxy ARP) and relays them over the point-to point link.

Note that this is purely an IP connection. It does not carry LAN
broadcasts. Name resolution will only work if you have a name server running
on the LAN (DNS or WINS). Otherwise you will need HOSTS or LMHOSTS files on
the client with entries for any LAN machines you want to access by name.

 

[The Ricster]

Great response! answered a lot of questions I had, (maybe
even the other main question I had previously posted -
Client connects but cant see lan -

I believe my client is connecting using the 'lan'
interface, when they should be using the 'internal'
interface. I will do some more testing and make sure.

by the way, I do have an internal (AD) DNS server running,
who's address should be given to the client by my DHCP, as
well as an external DNS.

Do I need to do anything to make sure that my client is
coming in on the 'internal' interface?

in either case many thanks for the info!!!


The Ricster
Ricsterware Inc.

 

[Bill Grant]

Your client will connect to the "virtual" IP. You can confirm this by
checking the "Details" after connection (click the connection icon on the
client, click the details tab).

On the client, check the Advanced TCP/IP settings to make sure the
client is set to obtain the DNS settings automatically. Also check that it
has the correct DNS suffix for your LAN. If these are correct, you should be
able to resolve names of LAN machines after connection. (eg, "nslookup
machine" should look for nslookup.mylan.local or whatever on your LAN DNS
server, and you should receive its IP address in reply.