RRAS forwarding/NAT problems

  • Thread starter Thread starter T-Cat
  • Start date Start date
T

T-Cat

I've got RRAS allowing dial-in... it puts this on the "incoming" interface.
The other interfaces are "loopback" (127.0.0.1) and "Outside" (the NIC.)

But I can't figure out how to get the equivalent of ICS. The incoming
connection can ping the Server's address, but ONLY that address. Nothing
else. The server can ping the "incoming" interface ip address always and
the assigned i.p. of the dialed-in device when it's there, along with the
whole outside of course.

I've tried both static and NAT forwarding, but I seem to be missing a
concept. Static doesn't work, perhaps because the dial-up address is in
the 192.168 range, and NAT settings seem to be ignored for forwarding, plus
the only interface it offers is the "Outside" one. Is that the interface
NAT should be on?

Thanks
 
You seem a bit confused about how this all works. ICS and NAT are
concerned with allowing a privately addresses LAN client to access the
Internet. It has practically nothing to do with how a dialup client accesses
the LAN.

When a remote client sets up a RAS or VPN connection to your server, it
sets up a point-to-point connection. So there is an IP connection between
them, and they can ping each other using their "virtual" IP addesses. But it
is not the same as a LAN connection. In particular, it doesn't carry
broadcasts, so you cannot use broadcasts to resolve names.

Can you ping LAN machines by their IP? If you can, routing is working
but you may have a name resolution problem. Does the client have the correct
DNS server address and the correct domain suffix for the LAN clients?
 
I'm quite confused about some of Microsoft's terminology at any rate.

I can ping from the dial-up device (192.168.0.3) into my server
(xx.yy.zz.115). I can ping from the server to the device. I cannot ping
from the device to any other location except it's own gateway (192.168.0.2)
and the aforementioned server itself; no other addresses on my LAN, not the
main gateway, nothing in the real world.

If I set the dns server on the device to the server (which does have a DNS
on it), name resolution on the server works from the device and I can, for
example, load a webpage that is also on that server from the device. But I
cannot resolve names or load webpages that are on other servers on my
network or on the internet.

When I look at the NAT status, it has no mappings. I'm wondering if that's
the problem. I have set the server's NIC (xx.yy.zz.115) to being the
public interface and the dial-up as a private interface under the NAT
settings. Prior to doing that I had to issue a "netsh routing ip nat add
interface internal private" as per the M.S. knowledgebase, as it wasn't
showing otherwise.
 
Back
Top