windows 2000 rras 3 nic router

[P. Herms]

Hi,

I want to configure win2k server as a router with 3 nics.

nic 1 is connected to network 192.168.0.x
nic 2 is connected to network 192.168.25.x
nic 3 is connected to the internet.

Problem is this. There are some programs running on network 192.168.0.x
which require this network to remain on-line. The new network (192.168.25.x)
wil be used to communicate with other branch offices.

I can't change the network 192.168.0.x to 192.168.25.x, because then these
will programs stop working (I already tried).

Also internet connectivity has to routed by this server.

How do I set up windows 2k as a router to accomplish this?

With regards,
P. Herms

 

[Faio Eric]

Hi Herms,

I have the same problem and still need the same solution to your problem.

I also read http://support.microsoft.com/?kbid=178993
but do not understand it well. Have you got the solution to solve your
problem?

 

[Kurt]

Hi,

I want to configure win2k server as a router with 3 nics.

nic 1 is connected to network 192.168.0.x
nic 2 is connected to network 192.168.25.x
nic 3 is connected to the internet.

Problem is this. There are some programs running on network 192.168.0.x
which require this network to remain on-line. The new network (192.168.25.x)
wil be used to communicate with other branch offices.

I can't change the network 192.168.0.x to 192.168.25.x, because then these
will programs stop working (I already tried).

Also internet connectivity has to routed by this server.

How do I set up windows 2k as a router to accomplish this?

With regards,
P. Herms

Maybe you could explain exactly what you are trying to accomplish. You
can set up Windows 2K Server to route between interfaces in the RRAS
snap-in. But you're mentioning problems, and I don't understand the
nature of those. How are the routed subnets connected? Do you have
connectivity to each subnet from the server? If the server is the
default gateway router and there are no more downstream routers, you
shouldn't need to do much other than enable routing between the two NICS
on the local segments. You'd have to configure NAT to the Internet, I'm
not sure if Windows permits NAT between multiple subnets.

....kurt

 

[Faio Eric]

hi,

I have the same situation as Herms too.

I have 2 switches, 1 with a workgroup with fixed IPs 192.168.0.*, subnet
255.255.255.0, gateway 192.168.0.254 and another workgroup with fixed IPs
192.168.1.*, subnet 255.255.255.0, gateway 192.168.1.254. The switches are
not to be connected together but to connect to a win2000 server which has
3nic

The win2000 server which have 3nics
nic 1 - 192.168.0.254, no gateway but connected to 192.168.0.* worgkroup
switch
nic 2 - 192.168.1.254 no gateway but connected to 192.168.1.* worgkroup
switch
nic 3 - connected to the internet through a Router and optains it IP,
Gateway & DNS settingfrom the router

The win2000 server can connect to the internet without problems.

Quest: How can I configure ras & routing to allow the 2 different workgoups
to see each other through win2000server and to be connected to the internet?
(without changing their IPs or connecting the 2 switched)

Problem 1: All 192.168.1.* workgroup can see each other and also ping
192.168.1.254 the win2000 server. They can also get their emails from the
server too but unable to browse the internet. The 192.168.0.* workgroup
cannot see each other and cannot get their emails and unable to browse the
internet too.

The email server on the win2000server's ip is 127.0.0.1 so that each
workgroup can both check their emails.

When I install ccproxy and configure it so that both workgroup can browse
the internet, only the 192.168.1.8 workgroup can now browse the net but the
other workgroup cannot.

I hope someone can help sort out this problem or guide me with the ras &
routing configuration?

Thanks in advance.

 

[Kurt]

hi,

I have the same situation as Herms too.

I have 2 switches, 1 with a workgroup with fixed IPs 192.168.0.*, subnet
255.255.255.0, gateway 192.168.0.254 and another workgroup with fixed IPs
192.168.1.*, subnet 255.255.255.0, gateway 192.168.1.254. The switches are
not to be connected together but to connect to a win2000 server which has
3nic

The win2000 server which have 3nics
nic 1 - 192.168.0.254, no gateway but connected to 192.168.0.* worgkroup
switch
nic 2 - 192.168.1.254 no gateway but connected to 192.168.1.* worgkroup
switch
nic 3 - connected to the internet through a Router and optains it IP,
Gateway & DNS settingfrom the router

The win2000 server can connect to the internet without problems.

Quest: How can I configure ras & routing to allow the 2 different workgoups
to see each other through win2000server and to be connected to the internet?
(without changing their IPs or connecting the 2 switched)

Problem 1: All 192.168.1.* workgroup can see each other and also ping
192.168.1.254 the win2000 server. They can also get their emails from the
server too but unable to browse the internet. The 192.168.0.* workgroup
cannot see each other and cannot get their emails and unable to browse the
internet too.

The email server on the win2000server's ip is 127.0.0.1 so that each
workgroup can both check their emails.

When I install ccproxy and configure it so that both workgroup can browse
the internet, only the 192.168.1.8 workgroup can now browse the net but the
other workgroup cannot.

I hope someone can help sort out this problem or guide me with the ras &
routing configuration?

Thanks in advance.

I really don't like to answer questions by making suggestions outside of
the realm of the question, but this one begs asking -- Why are you
trying to do this with a server? What you need is routers. If you must
have two subnets, you can buy one router (or router/firewall) that
connects one subnet to the Internet and another that routes the second
subnet (using NAT) to the Internet (Cost of both together well under
$100!). Or you could buy a more sophisticated router that will provide
NAT for multiple subnets, and allows you to add an access list that
prevents routing between subnets. There are plenty of ways to hook this
up depending on what your needs are. You could then use one NIC on each
subnet in your server so that both subnets could access email and other
services running on the server.

Another option would be to get another IP address from your ISP and just
run two independent subnets with the common server attached to both.

In the OP's case, where one subnet will connect to a remote site, a pair
of matching VPN routers (one at each site) is the ticket. This will
connect the sites and allow you to specify which IP addresses (or IP
address ranges) are allowed through the tunnel to the other end. If your
purpose in creating multiple subnets is purely to keep inter-site
traffic confined to a specific group of computers, this will accomplish
that without having to have multiple subnets.

....kurt