Multihomed RRAS Configurations


I have a Windows 2000 Advanced Server system with two network cards. Each card
is configured on a separate subnet. My understanding of DHCP is that it
configures to the internal network card, not the external network card. I am
creating a VPN connection with the external network card. I am running DNS
and DHCP on the server on my internal card. The second network card is
configured with a static IP address from a range of IP addresses. I want to be
able to come in to the RRAS server as the external network card or subnet
and see the resources on the internal network. My understanding is that I am
creating a multihomed DHCP server which should support multiple NICs. I also
understand that the server must be physically multihomed because the server
service will bind only the primary IP address on each interface. If the
internal network has multiple network IDs, and VPN clients need to reach
resources on these multiple network IDs, configure the routing table on the
VPN server. The VPN clients take advantage of the router table on the VPN
server to reach resources on remote networks. It also recommends that you
configure the new routing table entries in the RRAS GUI interface. My question is
what configuration is needed in DHCP on the server when you have two NIC
cards. Do you set up the internal network card and then refer to the second NIC
card in the same scope, or do you set up another scope referencing the second
card (external network)? I am also aware that there is a DHCP relay agent
which works as a protocol router for DHCP messages. Currently, I am able to
log into the RRAS as a user and that user is seen on the RRAS server, but I am
unable to see any network resources in My Network Places/The network
neighborhood! I have studied many areas of information on the internet and I
have not found any area which explains the proper configuration of a
two-subnet multihomed network running RRAS and DNS & DHCP on a server. I want
to be able to tunnel on a static IP address on a separate network card but
then see the internal network at my office and see all the resources! I have
to believe that this would be almost a standard configuration for any small
business who doesn't want to expose his business to the rest of the world.

Thanks,
Robert

Note: If you need ipconfig /all or need IP routing tables please let me know.
 
Not sure what the issue is. Assuming you have two NICs, one for the public IP and the other for the private IP, you should set up the internal IP as the VPN connection. If for some reason you need two NICs to separate two networks, you should keep just one DHCP and use an IP pool for the VPN clients, and also enable IP routing. For more and other information, go to http://howtonetworking.com.

Don't send e-mail or reply to me unless you need consulting services. Posting on the MS newsgroup will benefit all readers and you may get more help.

Bob Lin, MS-MVP, MCSE & CNE
How to Setup Windows, Network, Remote Access on http://www.HowToNetworking.com
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
This posting is provided "AS IS" with no warranties.
I recommend Brinkster for web hosting!

DHCP doesn't really have much to do with this problem. The VPN client
does not get its network config from the DHCP server. If you have set up the
RRAS server to use the DHCP option, what really happens is that the RRAS
server will lease a batch of IP addresses from DHCP to use for VPN.

When the client connects, it gets an IP (and other things like DNS and
WINS addresses) from the RRAS server. If you are using the DHCP option, the
client will get an IP address in the same subnet as your private LAN
(because the RRAS server got its addresses from your DHCP server). The VPN
client does not connect to either of the server's NICs. It connects to a
"virtual" interface which appears in the RRAS console with the name
"internal".

Making a VPN connection sets up a simple IP connection. It is not the
same thing as a LAN connection. Importantly, it does not carry LAN
broadcasts, so name resolution and browsing do not work automatically.

Can you ping a LAN machine by its IP address? If yes, routing is
working. Can you ping a machine by its FQDN (i.e. its full name as it appears
in your local DNS server)? If yes, DNS is also working. Can you ping using
just machinename? If not, you will need to add your domain suffix to the
client's TCP/IP settings for the connection.

When you can ping by name, you should be able to browse that machine
using net view \\machinename, and then share files using net use
\\machinename\filename .
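
The three ping checks from the reply above, written out as an added example that is not part of the original thread: a small Python helper that runs them in order from the VPN client and reports the first stage that fails. The function names, the sample address and the host name are assumptions made up for illustration.

```python
import subprocess
import sys


def can_ping(target):
    """True if one echo request to target (IP or name) gets a reply."""
    count_flag = "-n" if sys.platform.startswith("win") else "-c"
    try:
        result = subprocess.run(["ping", count_flag, "1", target],
                                capture_output=True, timeout=10)
    except (OSError, subprocess.TimeoutExpired):
        return False
    # Windows ping can exit 0 on "Destination host unreachable", so also
    # require the TTL field that only a real echo reply carries.
    return result.returncode == 0 and b"ttl=" in result.stdout.lower()


def diagnose(lan_ip, fqdn, ping=can_ping):
    """Walk the reply's checks in order; return (failed_stage, meaning)."""
    short_name = fqdn.split(".", 1)[0]
    if not ping(lan_ip):
        return ("routing", "No reply from the LAN IP address: routing "
                "between the VPN client and the LAN is not working.")
    if not ping(fqdn):
        return ("dns", "IP works but the FQDN does not: DNS is not "
                "working over the VPN connection.")
    if not ping(short_name):
        return ("suffix", "FQDN works but the short name does not: add "
                "the domain suffix to the connection's TCP/IP settings.")
    return ("ok", "Ping by name works: try net view \\\\" + short_name)


if __name__ == "__main__":
    # Constructed sample values; substitute a real LAN host.
    stage, meaning = diagnose("192.168.0.10", "fileserver.example.local")
    print(stage + ": " + meaning)
```

The `ping` parameter exists so the ladder can be exercised without a live VPN; by default it shells out to the operating system's own `ping`.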
 
I have a LAN with 5 computers which is using the 192.168.0.X-192.168.0.254 IP
addresses from the router. The second NIC card I assigned a static IP
address from my ISP, which is a different set of IP addresses. My question is: I
want to come through the second NIC card, which is on a different subnet, and
reach the resources on the local LAN, which is where the server has the master
domain and the other computers connected to the domain. I assume I have to
set up the second NIC card with one of the static IP addresses from my
ISP. Please explain how I am supposed to route from the second NIC card to
the LAN using the RRAS server and VPN.

Thanks,
Robert
 