Author: Ewan (Guest)
Posted: Sat Jan 15, 2005 11:43 pm
Post subject: NAT & multi-subnet private network question

Hi,

I'm currently trying some different lab scenarios as preparation for exam
70-291; currently I'm struggling with:

internet <--> hardware router with dhcp server <--> (Server1) w2k3 AD,
dhcp, DNS server, dhcp enabled adapter connected to hardware router + static
IP on private net <--> (server2) multi-homed W2k3 vpn server/router <-2 way
dial on demand vpn-> (server3) w2k VPN server/router

I can perform DNS/web browsing from the w2k3 AD server ok
I can do the same from the w2k3 VPN server ok
I can perform DNS lookups from the w2k vpn server, but web browsing doesn't
work

Server1 has its default gateway set as the adapter facing the hardware
router/dhcp server, and a static route back to server3's subnet (DDR appears
to be working ok)
Server2 has a default route of server1, and a static route to server3
Server3 has a static route of 0.0.0.0/24 that causes the DDR connection to
be started

Can anyone point me in the direction of where I'm going wrong with this
config?

Thanks in advance

Author: Bill Grant (Guest)
Posted: Sun Jan 16, 2005 5:34 am
Post subject: Re: NAT & multi-subnet private network question

It's hard to be sure without any IP numbers. Exactly where is NAT being
done? At the hardware router?
My guess is that the hardware router doesn't know how to reach your
inner subnets. It only has an interface in the subnet which goes to server
1. Try adding static routes to the hardware router to forward your inner
subnets to server 1. Routing obviously works from there on.

Author: Ewan (Guest)
Posted: Sun Jan 16, 2005 5:25 pm
Post subject: Re: NAT & multi-subnet private network question

Hi Bill,

Thanks for the hints. NAT was being done at the hardware router, and again
at server1. As it turned out, I hadn't fully understood the syntax of
specifying the static route for all destinations. I cleared the static routes
from the server3 in the explanation below, and added 0.0.0.0/0.0.0.0 to the
DDR adapter, and everything now works as I expected.

"Bill Grant" wrote:
Quote:
It's hard to be sure without any IP numbers. Exactly where is NAT being
done? At the hardware router?
My guess is that the hardware router doesn't know how to reach your
inner subnets. It only has an interface in the subnet which goes to server
1. Try adding static routes to the hardware router to forward your inner
subnets to server 1. Routing obviously works from there on.

"Ewan" <Ewan@discussions.microsoft.com> wrote in message
news:774CCA5D-B5AA-497F-A3C4-2E418ABAD6F7@microsoft.com...
Hi,
I'm currently trying some different lab scenarios as preparation for exam
70-291; currently I'm struggling with:
internet <--> hardware router with dhcp server <--> (Server1) w2k3 AD,
dhcp, DNS server, dhcp enabled adapter connected to hardware router + static
IP on private net <--> (server2) multi-homed W2k3 vpn server/router <-2 way
dial on demand vpn-> (server3) w2k VPN server/router
I can perform DNS/web browsing from the w2k3 AD server ok
I can do the same from the w2k3 VPN server ok
I can perform DNS lookups from the w2k vpn server, but web browsing doesn't
work
Server1 has its default gateway set as the adapter facing the hardware
router/dhcp server, and a static route back to server3's subnet (DDR appears
to be working ok)
Server2 has a default route of server1, and a static route to server3
Server3 has a static route of 0.0.0.0/24 that causes the DDR connection to
be started
Can anyone point me in the direction of where I'm going wrong with this
config?
Thanks in advance

Author: Bill Grant (Guest)
Posted: Mon Jan 17, 2005 12:18 am
Post subject: Re: NAT & multi-subnet private network question

Glad to hear you sorted it out. Doing NAT twice works OK for a test lab.
Without NAT on Server 1, you would need the extra routing on the Internet
router.
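
Added example, not part of the original thread: a longest-prefix-match lookup showing why the `0.0.0.0/24` static route from Ewan's first post covers only 0.0.0.0 to 0.0.0.255, while the `0.0.0.0/0.0.0.0` route he switched to matches every destination. The subnet, destinations and next-hop labels are constructed, since the thread gives no IP numbers.

```python
import ipaddress


def table(*entries):
    """Build a routing table from (prefix, next_hop) pairs."""
    return [(ipaddress.ip_network(prefix), hop) for prefix, hop in entries]


def lookup(routes, destination):
    """Longest-prefix match: return (network, next_hop), or None if nothing matches."""
    dest = ipaddress.ip_address(destination)
    matches = [(net, hop) for net, hop in routes if dest in net]
    if not matches:
        return None
    return max(matches, key=lambda route: route[0].prefixlen)


def next_hop(routes, destination):
    """Next hop a router would choose, or 'unreachable' when no route matches."""
    hit = lookup(routes, destination)
    return hit[1] if hit else "unreachable"


# Constructed addressing for server3's side of the lab (assumption).
CONNECTED = ("192.168.3.0/24", "local LAN")

# Route as first described: address 0.0.0.0 with a 24-bit mask (255.255.255.0).
BROKEN = table(CONNECTED, ("0.0.0.0/24", "DDR VPN interface"))

# Route after the fix: 0.0.0.0 mask 0.0.0.0, written here in prefix form as /0.
FIXED = table(CONNECTED, ("0.0.0.0/0", "DDR VPN interface"))

# Constructed destinations: local host, an address inside 0.0.0.0/24,
# a host on another private subnet, and a public web server (TEST-NET-3).
SAMPLES = ("192.168.3.10", "0.0.0.200", "192.168.1.1", "203.0.113.80")

if __name__ == "__main__":
    print(f"{'destination':<15} {'0.0.0.0/24 table':<20} 0.0.0.0/0 table")
    for dest in SAMPLES:
        print(f"{dest:<15} {next_hop(BROKEN, dest):<20} {next_hop(FIXED, dest)}")
    net = BROKEN[1][0]
    print(f"{net} covers {net.num_addresses} addresses: "
          f"{net.network_address} to {net.broadcast_address}")
```
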