Hi Pat,
Thank you for the update!
The ICF of Windows Server 2003 blocks both incoming and outgoing request.
If you only want to disable incoming, you may use the Routing and Remote
Access console.
1. Open the console.
2. Select IP Routing->NAT->network adapter.
3. Open the properties of it and set the firewall.
Hope this answers your question!
Sincerely,
Jack Wang, MCSE 2000, MCSA, MCDBA, MCSD
Microsoft Partner Support
Get Secure! -
www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: Pat <
[email protected]>
| Subject: Re: Lab Network
| Date: Tue, 02 Mar 2004 12:30:21 -0500
| Message-ID: <
[email protected]>
| References: <
[email protected]>
<
[email protected]>
| X-Newsreader: Forte Agent 1.93/32.576 English (American)
| MIME-Version: 1.0
| Content-Type: text/plain; charset=us-ascii
| Content-Transfer-Encoding: 7bit
| Newsgroups: microsoft.public.win2000.ras_routing
| NNTP-Posting-Host: mail.htechnology.com 198.65.193.67
| Lines: 1
| Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP11.phx.gbl
| Xref: cpmsftngxa06.phx.gbl microsoft.public.win2000.ras_routing:11023
| X-Tomcat-NG: microsoft.public.win2000.ras_routing
|
| I tried setting up the basic firewall on the 192.168.1.241 interface
| and this blocked outgoing requests also. do I need to put in a public
| ip in the address pool?
|
| On Mon, 01 Mar 2004 15:56:56 GMT, (e-mail address removed) (Jack
| Wang [MSFT]) wrote:
|
| >Hi Pat,
| >
| >Thank you for posting here.
| >
| >RRAS doesn't support VLAN. You may setup NAT/firewall on te Windows
Server
| >2003 computer. To do so, please just enable firewall on the
192.168.1.241
| >network adapter. Then, the 192.168.1.0 network will not browse the
| >10.100.0.0 network. The 10.100.0.0 network can access the 192.168.1.0
| >network and the Internet.
| >
| >Hope this helps!
| >
| >Sincerely,
| >Jack Wang, MCSE 2000, MCSA, MCDBA, MCSD
| >Microsoft Partner Support
| >
| >Get Secure! -
www.microsoft.com/security
| >
| >=====================================================
| >When responding to posts, please "Reply to Group" via
| >your newsreader so that others may learn and benefit
| >from your issue.
| >=====================================================
| >
| >This posting is provided "AS IS" with no warranties, and confers no
rights.
| >--------------------
| >| From: Pat <
[email protected]>
| >| Subject: Lab Network
| >| Date: Sat, 28 Feb 2004 06:48:24 -0500
| >| Message-ID: <
[email protected]>
| >| X-Newsreader: Forte Agent 1.93/32.576 English (American)
| >| MIME-Version: 1.0
| >| Content-Type: text/plain; charset=us-ascii
| >| Content-Transfer-Encoding: 7bit
| >| Newsgroups: microsoft.public.win2000.ras_routing
| >| NNTP-Posting-Host: mail.htechnology.com 198.65.193.67
| >| Lines: 1
| >| Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
| >| Xref: cpmsftngxa06.phx.gbl microsoft.public.win2000.ras_routing:10953
| >| X-Tomcat-NG: microsoft.public.win2000.ras_routing
| >|
| >| what I have now is the following
| >| Production network:
| >| W2K with AD and 100 users. on a 192.168.1.0 subnet.
| >|
| >| Lab network:
| >| W3K Ras server joined to production network for routing
| >| nic #1 192.168.1.241
| >| nic #2 10.100.0.1
| >| lab network on 10.100.0.0 subnet
| >|
| >| lab xp WS 10.100.0.2
| >| lab W3K server 10.100.0.3
| >|
| >| I have a route setup in my firewall for the 10.100.0.0 network, so I
| >| can get to the internet from my lab network. I can see the lab network
| >| from my production network. can RRas do any sought of Vlan so I
| >| can't see the lab network from the production network?
| >|
|
|
