T
Thomas H
Hello everyone,
I have an old Windows 2000 Server box (Pentium 3, 18 gb hard drive, 256 MB
RAM) that I wanted to turn into a VPN. (Either that or it gets thrown
out!). It has two network cards; one connects to a public IP address, and
the other connects to a 32-host VLAN in 172.16.x.x space. All the IP
addresses in this 172.16.x.x VLAN are static because they're for servers (no
workstations/terminals), so we don't have DHCP running.
I have Routing & Remote Access working so that it uses a few of our
172.16.x.x IP addresses- I just listed them in the static address pool. It
works great; I can connect from home and get access to all the private
subnet's resources. The problem is, since this VLAN is for servers, I only
have two IP addresses available!
Is there a way to set up an "internal-only" subnet just for remote users
that uses 192.168 space? By internal-only, I mean that I just want this
192.168 subnet to exist in the VPN server itself- without using physical
network resources. That way I could have 32 (or 64, or more!) possible
connections into our private subnet without wasting our VLAN addresses.
I tried putting a fake 192.168.x.x subnet into the static address pool. When
I connect with the VPN, I do get one of the 192.168 addresses. However, I
can't get "out" of the server. I can only ping the server's two network
cards. I can't even ping other servers on the same 172.16.x.x VLAN! I
played with setting up static routes, but only succeeded in ruining the
server's own connectivity to the rest of our network.
I don't really need to have our telecom guys create a separate subnet/VLAN
on the network (physical switch/router/cabling/etc), do I?
Thanks for any pointers/tips/help! I couldn't find anything like this
configuration on the internet, maybe it's not supported? Everything seemed
to say that the private NIC should go to a switch that had a VLAN with
enough IPs for remote connections. Nothing talked about setting up a subnet
inside the server itself for connections...
-Thomas
I have an old Windows 2000 Server box (Pentium 3, 18 gb hard drive, 256 MB
RAM) that I wanted to turn into a VPN. (Either that or it gets thrown
out!). It has two network cards; one connects to a public IP address, and
the other connects to a 32-host VLAN in 172.16.x.x space. All the IP
addresses in this 172.16.x.x VLAN are static because they're for servers (no
workstations/terminals), so we don't have DHCP running.
I have Routing & Remote Access working so that it uses a few of our
172.16.x.x IP addresses- I just listed them in the static address pool. It
works great; I can connect from home and get access to all the private
subnet's resources. The problem is, since this VLAN is for servers, I only
have two IP addresses available!
Is there a way to set up an "internal-only" subnet just for remote users
that uses 192.168 space? By internal-only, I mean that I just want this
192.168 subnet to exist in the VPN server itself- without using physical
network resources. That way I could have 32 (or 64, or more!) possible
connections into our private subnet without wasting our VLAN addresses.
I tried putting a fake 192.168.x.x subnet into the static address pool. When
I connect with the VPN, I do get one of the 192.168 addresses. However, I
can't get "out" of the server. I can only ping the server's two network
cards. I can't even ping other servers on the same 172.16.x.x VLAN! I
played with setting up static routes, but only succeeded in ruining the
server's own connectivity to the rest of our network.
I don't really need to have our telecom guys create a separate subnet/VLAN
on the network (physical switch/router/cabling/etc), do I?
Thanks for any pointers/tips/help! I couldn't find anything like this
configuration on the internet, maybe it's not supported? Everything seemed
to say that the private NIC should go to a switch that had a VLAN with
enough IPs for remote connections. Nothing talked about setting up a subnet
inside the server itself for connections...
-Thomas