Guest Sid Posted April 2, 2008 Posted April 2, 2008 Hi, I have a w2k3 enterprise server, which is under a NAT. As my router does not have an integrated VPN server, I would like to set up my w2k3 to accept incoming VPN connections in order to have access to all my internal network from the Internet. The server has just one ehternet card using the DHCP of the router, so it has an IP like 192.168.1.2. I would use Internet IP to connect to the VPN from the Internet, and the Port forwarding would redirect my traffic to the server. I've set up the VPN using with the wizard of the Routing feature choosing the custom option, and then VPN. I can connect to my server using VPN, but the IP assigned belong to a different class (or at least netmask, don't remember) than that of the router. Is this the right way to create this kind of VPN?
Guest Bill Grant Posted April 2, 2008 Posted April 2, 2008 Re: VPN under NAT with a single eth interface: how? Can you ping the VPN server from the client by its IP address? If you can, the VPN connection is working. The netmask is a bit of a red herring. The most common "problem" is that people expect a VPN connection to work like a LAN connection. It doesn't! All you get is an IP connection from the guest to the VPN server. You don't automatically get name resolution. You don't get computer browsing. You do not do a domain login. "Sid" <micheledicosmo@gmail.com> wrote in message news:b16d526f-7e82-47c0-8632-5868c17f4464@l42g2000hsc.googlegroups.com... > Hi, > I have a w2k3 enterprise server, which is under a NAT. > > As my router does not have an integrated VPN server, I would like to > set up my w2k3 to accept incoming VPN connections in order to have > access to all my internal network from the Internet. > > The server has just one ehternet card using the DHCP of the router, so > it has an IP like 192.168.1.2. > > I would use Internet IP to connect to the VPN from the Internet, and > the Port forwarding would redirect my traffic to the server. > > I've set up the VPN using with the wizard of the Routing feature > choosing the custom option, and then VPN. I can connect to my server > using VPN, but the IP assigned belong to a different class (or at > least netmask, don't remember) than that of the router. Is this the > right way to create this kind of VPN?
Guest Sid Posted April 2, 2008 Posted April 2, 2008 Re: VPN under NAT with a single eth interface: how? On 2 Apr, 11:45, "Bill Grant" <not.available@online> wrote: > Can you ping the VPN server from the client by its IP address? If you > can, the VPN connection is working. The netmask is a bit of a red herring. > > The most common "problem" is that people expect a VPN connection to work > like a LAN connection. It doesn't! All you get is an IP connection from the > guest to the VPN server. You don't automatically get name resolution. You > don't get computer browsing. You do not do a domain login. > > "Sid" <micheledico...@gmail.com> wrote in message > > news:b16d526f-7e82-47c0-8632-5868c17f4464@l42g2000hsc.googlegroups.com... > > > Hi, > > I have a w2k3 enterprise server, which is under a NAT. > > > As my router does not have an integrated VPN server, I would like to > > set up my w2k3 to accept incoming VPN connections in order to have > > access to all my internal network from the Internet. > > > The server has just one ehternet card using the DHCP of the router, so > > it has an IP like 192.168.1.2. > > > I would use Internet IP to connect to the VPN from the Internet, and > > the Port forwarding would redirect my traffic to the server. > > > I've set up the VPN using with the wizard of the Routing feature > > choosing the custom option, and then VPN. I can connect to my server > > using VPN, but the IP assigned belong to a different class (or at > > least netmask, don't remember) than that of the router. Is this the > > right way to create this kind of VPN? U! Ok, thx! So, to get that working I have to create a "virtual adapter" and NAT that one to the LAN. Than make the VPN connect to the virtual adapter? Is there any way to create a virtual adapter?
Guest Bill Grant Posted April 3, 2008 Posted April 3, 2008 Re: VPN under NAT with a single eth interface: how? "Sid" <micheledicosmo@gmail.com> wrote in message news:b017faaa-17c2-4cc3-a6e6-39195b07e391@u69g2000hse.googlegroups.com... > On 2 Apr, 11:45, "Bill Grant" <not.available@online> wrote: >> Can you ping the VPN server from the client by its IP address? If you >> can, the VPN connection is working. The netmask is a bit of a red >> herring. >> >> The most common "problem" is that people expect a VPN connection to >> work >> like a LAN connection. It doesn't! All you get is an IP connection from >> the >> guest to the VPN server. You don't automatically get name resolution. You >> don't get computer browsing. You do not do a domain login. >> >> "Sid" <micheledico...@gmail.com> wrote in message >> >> news:b16d526f-7e82-47c0-8632-5868c17f4464@l42g2000hsc.googlegroups.com... >> >> > Hi, >> > I have a w2k3 enterprise server, which is under a NAT. >> >> > As my router does not have an integrated VPN server, I would like to >> > set up my w2k3 to accept incoming VPN connections in order to have >> > access to all my internal network from the Internet. >> >> > The server has just one ehternet card using the DHCP of the router, so >> > it has an IP like 192.168.1.2. >> >> > I would use Internet IP to connect to the VPN from the Internet, and >> > the Port forwarding would redirect my traffic to the server. >> >> > I've set up the VPN using with the wizard of the Routing feature >> > choosing the custom option, and then VPN. I can connect to my server >> > using VPN, but the IP assigned belong to a different class (or at >> > least netmask, don't remember) than that of the router. Is this the >> > right way to create this kind of VPN? > > U! Ok, thx! So, to get that working I have to create a "virtual > adapter" and NAT that one to the LAN. Than make the VPN connect to the > virtual adapter? > Is there any way to create a virtual adapter? What gave you that idea! When you connect, click on the icon in the task bar an see what IP address the client has received. It will also show you what the server IP address is. Can you ping the server using this address? Can you ping another machine on the LAN using its IP address? If you used the default setup, the client should have an IP in the same subnet as your LAN machines. If that works, your VPN is doing what it should do. What you probably need is name resolution. Is DNS running on the LAN?
Recommended Posts