Routing on Win2k Advanced Server

  • Thread starter Thread starter Paul Ponting
  • Start date Start date
P

Paul Ponting

Hi

I have a machine that has AD, DHCP and DNS installed.
The machine has two Network interfaces,
192.168.0.200
192.168.1.200

All users on the 192.168.0.x side get DHCP from the machine which give an
address in this range. It also gives DNS server info (192.168.0.200 -
itself) and Gateway (192.168.0.1) The gateway is a DLink ADSL router
connected to the internet.

What I want to do is get users on the 192.168.1.x side to obtain an address
in the 192.168.1.x range with DNS info (192.168.0.200 or 192.168.1.200 not
sure which should be set as both addresses are on the same box)

I also want to some how 'proxy' these users on the 192.168.1.x side so they
'proxy' through the server to the internet 9via the router) rather than
going direct to the router like on the other side. I would also like to
somehow have these users authenticate to use the internet (probably through
AD) and even monitor internet access and throttle bandwidth.

I am guessing I will need to set up routing between the two interfaces (not
sure which type of routing as there are about 5 choice in the routing
wizard).

At present, users on the 192.168.1.x side cannot even get an IP address from
the DHCP server, on the binding section within the DHCP server parameters,
both interface are ticked.

Any help appreciated, I guess I will need to give more details.
 
Hi Paul

First thing you need is for get your clients on the 192.168.1.x side to get
addresses from DHCP. Do you have a scope configured for the 192.168.1.x
range?
Next you will need to enable IP forwarding - the easiest way is for
confirure RRAS and select LAN ROUTER.
If you want to "proxy" the clients to the Internet and use authenitcation
you will need to add a "proxy" service. ISA Server would be a good choice.

Thanks,
Marc Reynolds
Microsoft Technical Support

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Marc

Thanks for the reply. I have set up a scope in DHCP for the 192.168.1.x
side but for some reason it is not issuing an IP address. I have allocated
a range of 192.168.1.11 to 192.168.1.20.
If I assign a static IP address, I cannot ping the server which seems
strange.
I swapped out the hub and tried a crossover cable with no luck. If I
disable this connection at either the client or the server though, the other
machine to the disable one says the network cable has been disconnected so
this must prove they can see each other.

Any ideas?
 
Just a little update, after setting the static IP address, I couldn't ping
the server from the client but I can see the data received counter on the
server NIC increasing. It looks as though ICMP is filtered but I have not
configured any of this.

Will report any more findings
 
Damm

Looks like I have screwed it up now. I ended up taking out the two cards
and switching them around to see if it was the slot. The fault stayed
there. I took out the new card and enabled the onboard adapter and am using
that.

When it booted up, the IP addresses were lost off the cards, I added them
again and I am now able to ping the client from the server but the client is
still unable to ping the server.

To make matters worse, after trying all this, Active Directory seems to have
died, if I load up Active Directory Users and Computers in Administrative
tools I get an error saying:

Naming Information Cannot be located because:
The Specified domain does not exist or could not be located....


And the whole system seems to have slowed down on bootup and login.


Any help greatly appreciated.
 
Looks like my service records for the server are screwed.
I used NetDiag /fix and it listed a few errors about this.
Anyone know how to fix this?

Ta.
 
Marc

I have it pretty much set up now, multi homed Win2k Server.
The server interfaces are:
Net A - 192.168.0.240
Net B - 192.168.1.240

Net A - 192.168.0.x is the 'live' side of the network. This has a internet
router at 192.168.0.1 amongst other things.

Net B - 192.168.1.x is the secure side (or will be).
What I want to do is set up a static route initial so that clients on Net B
can ping Net A clients.
I set configured Routing with the Network Router option (without demand
dialing)

As soon as the service started, the client on the 192.168.1.x side could
ping the webcam on 192.168.0.2 but was unabel to ping any other clients on
the 192.168.0.x subnet. All the client on this subnet can ping each other
so it is not an issue with the clients.

My first thought was ICMP was filtered, but it cant be as I can ping the the
webcam and the Net A interface on the server.

I have not added any static routes to the configuration, I have tried adding
some but they do not seem to make any difference.

I tried the following static routes

Interface - Net A
Destination - 192.168.0.0
Mask - 255.255.255.0
Gateway - 192.168.1.240

Interface - Net B
Destination - 192.168.1.0
Mask - 255.255.255.0
Gateway - 192.168.0.240

But neither made any difference.


Ideally, what I want to set up with the static routing is any client trying
to access the internet, I want the router to forward this to the Internet
Router on 192.168.0.1 so they get internet access on the Net B side.

I am guessing the Net B clients would have to have 192.168.1.240 as there
gateway, then the router would have to forward these requests to the
Internet router (192.168.0.1) if they are not on the Net A or Net B subnet.

Am I thinking right here?

Thanks
 
Back
Top