Remote Access Setup Help

  • Thread starter Thread starter Philip
  • Start date Start date
P

Philip

Hi,
I have 2 windows 2000 servers. The first one is
configured for DNS, DHCP. I want to enable the second one
for Remote Access Server. There is one netowrk card
enabled on both servers. Is there any setting that I need
to configure in order for the remote access clients to get
an ip for the DHCP server on the first server? Is there
specific instructions on setting this up?

Thanks,
 
If the two servers are on the same LAN segment, you don't have to do
anything. The RRAS server will lease a batch of IP addresses from DHCP in
the normal way (by LAN broadcast) and hand them out to remote clients as
required. (The clients do not get their IP address directly from DHCP. They
get it from the RRAS server as part of the setup process).

If the two servers are in different segments, you need to activate the
DHCP relay service, so that the RRAS server can contact the DHCP server
directly.
 
Bill,

How can I effectively remove the RRAS server from the same segment as the
PDC and reinstall it. I believe my configurations are corrupt.

environment:

Windows 2000 Servers with Active Directory (Single Site)
1 RRAS server with static ip address.
DNS and DHCP active within the lan.

I have been able to connect with the client pc via the dial-up adapter, the
user is authenticated and connection remains intact, although no traffic is
allowed(example, tried telnet to one of the servers which I know telnet is
active on and connection is rejected.. At other times, the connection is
rejected with an error 31.

I have replaced the modem and ensured that the old device was removed from
the device manager.

Any advice would be appreciated!!

Thanks,
Doug
 
You don't have to use DHCP. You can use a static pool of addresses on
the server for RAS clients.

Is the RRAS server a domain member or a standalone? For a standalone,
you authenticate to the server's SAM database. If it is an AD member, it
needs to be part of the IAS and RAS server group, and RAS clients
authenticate to AD.
 
Hmmm,

I am using DHCP. RRAS is a domain member of windows 2000 server AD forest
(single).

I did some steps today.

I downloaded the latest service pack as well as hot fixes to bring the
system completely current on updates.


RRAs problem

windows XP pro client using either CMAK connection or manually created DUN
connection connects to the RAS server, appears to authenticate and remains
connected.

No network resources are available except for the RAS server

Ipconfig /all on client states that PPP adapter is active.
Shows description of WAN (PPP/SLIP) Interface.

Shows physical address of PPP
Dhcp is disabled even though the ras is using DHCP to assign it's address as
well as the dUN
clients.

Default gateway is the clients IP address and not the RAS server

Immediately after connecting, I can ping one address with is our email
server. I can ping both the
local area connection as well as the internal connection ip address listed
in the IP Routing > General Tab on the RRAS management console.

In route print, it lists the default gateway of the client and not the rras
server. I have attempted to
add a static route to list the class C network, mask, and the gateway as the
rras server.

Remote Access is set for allowing DHCP to provide lease to DUN client.
However, the IP address which is being provided to dun client is
already existing on LAN. I attempted to connect with a user that is
not allowed remote access and I was denied access.

What I believe is happening is this:

the DUN client initiates a connection to the RAS server.
client and RAS server perform their necessary handshakes for the modem.
RAS checks to see if the user is allowed remote access and finds that I am
provides a ipaddress from somewhere other than the DHCP (as the ip address
that is being granted to the client is identical to a ip address already on
network).
I attempt to ping a network IP address and I receive the first response and
then is dropped for the remaining requests.

Hmm....
Any help would be great.


Thanks,
Doug
 
Back
Top