Jump to content

VPN under NAT with a single eth interface: how?

Guest Sid

By Guest Sid
in Windows 2003 Server

 Share

Recommended Posts

Guest Sid

Guest Sid

Posted
Posted

Hi,

I have a w2k3 enterprise server, which is under a NAT.

 

As my router does not have an integrated VPN server, I would like to

set up my w2k3 to accept incoming VPN connections in order to have

access to all my internal network from the Internet.

 

The server has just one ehternet card using the DHCP of the router, so

it has an IP like 192.168.1.2.

 

I would use Internet IP to connect to the VPN from the Internet, and

the Port forwarding would redirect my traffic to the server.

 

I've set up the VPN using with the wizard of the Routing feature

choosing the custom option, and then VPN. I can connect to my server

using VPN, but the IP assigned belong to a different class (or at

least netmask, don't remember) than that of the router. Is this the

right way to create this kind of VPN?

  • Replies 3
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Bill Grant

Guest Bill Grant

Posted
Posted

Re: VPN under NAT with a single eth interface: how?

 

Can you ping the VPN server from the client by its IP address? If you

can, the VPN connection is working. The netmask is a bit of a red herring.

 

The most common "problem" is that people expect a VPN connection to work

like a LAN connection. It doesn't! All you get is an IP connection from the

guest to the VPN server. You don't automatically get name resolution. You

don't get computer browsing. You do not do a domain login.

 

"Sid" <micheledicosmo@gmail.com> wrote in message

news:b16d526f-7e82-47c0-8632-5868c17f4464@l42g2000hsc.googlegroups.com...

> Hi,

> I have a w2k3 enterprise server, which is under a NAT.

>

> As my router does not have an integrated VPN server, I would like to

> set up my w2k3 to accept incoming VPN connections in order to have

> access to all my internal network from the Internet.

>

> The server has just one ehternet card using the DHCP of the router, so

> it has an IP like 192.168.1.2.

>

> I would use Internet IP to connect to the VPN from the Internet, and

> the Port forwarding would redirect my traffic to the server.

>

> I've set up the VPN using with the wizard of the Routing feature

> choosing the custom option, and then VPN. I can connect to my server

> using VPN, but the IP assigned belong to a different class (or at

> least netmask, don't remember) than that of the router. Is this the

> right way to create this kind of VPN?

Guest Sid

Guest Sid

Posted
Posted

Re: VPN under NAT with a single eth interface: how?

 

On 2 Apr, 11:45, "Bill Grant" <not.available@online> wrote:

> Can you ping the VPN server from the client by its IP address? If you

> can, the VPN connection is working. The netmask is a bit of a red herring.

>

> The most common "problem" is that people expect a VPN connection to work

> like a LAN connection. It doesn't! All you get is an IP connection from the

> guest to the VPN server. You don't automatically get name resolution. You

> don't get computer browsing. You do not do a domain login.

>

> "Sid" <micheledico...@gmail.com> wrote in message

>

> news:b16d526f-7e82-47c0-8632-5868c17f4464@l42g2000hsc.googlegroups.com...

>

> > Hi,

> > I have a w2k3 enterprise server, which is under a NAT.

>

> > As my router does not have an integrated VPN server, I would like to

> > set up my w2k3 to accept incoming VPN connections in order to have

> > access to all my internal network from the Internet.

>

> > The server has just one ehternet card using the DHCP of the router, so

> > it has an IP like 192.168.1.2.

>

> > I would use Internet IP to connect to the VPN from the Internet, and

> > the Port forwarding would redirect my traffic to the server.

>

> > I've set up the VPN using with the wizard of the Routing feature

> > choosing the custom option, and then VPN. I can connect to my server

> > using VPN, but the IP assigned belong to a different class (or at

> > least netmask, don't remember) than that of the router. Is this the

> > right way to create this kind of VPN?

 

U! Ok, thx! So, to get that working I have to create a "virtual

adapter" and NAT that one to the LAN. Than make the VPN connect to the

virtual adapter?

Is there any way to create a virtual adapter?

Guest Bill Grant

Guest Bill Grant

Posted
Posted

Re: VPN under NAT with a single eth interface: how?

 

 

"Sid" <micheledicosmo@gmail.com> wrote in message

news:b017faaa-17c2-4cc3-a6e6-39195b07e391@u69g2000hse.googlegroups.com...

> On 2 Apr, 11:45, "Bill Grant" <not.available@online> wrote:

>> Can you ping the VPN server from the client by its IP address? If you

>> can, the VPN connection is working. The netmask is a bit of a red

>> herring.

>>

>> The most common "problem" is that people expect a VPN connection to

>> work

>> like a LAN connection. It doesn't! All you get is an IP connection from

>> the

>> guest to the VPN server. You don't automatically get name resolution. You

>> don't get computer browsing. You do not do a domain login.

>>

>> "Sid" <micheledico...@gmail.com> wrote in message

>>

>> news:b16d526f-7e82-47c0-8632-5868c17f4464@l42g2000hsc.googlegroups.com...

>>

>> > Hi,

>> > I have a w2k3 enterprise server, which is under a NAT.

>>

>> > As my router does not have an integrated VPN server, I would like to

>> > set up my w2k3 to accept incoming VPN connections in order to have

>> > access to all my internal network from the Internet.

>>

>> > The server has just one ehternet card using the DHCP of the router, so

>> > it has an IP like 192.168.1.2.

>>

>> > I would use Internet IP to connect to the VPN from the Internet, and

>> > the Port forwarding would redirect my traffic to the server.

>>

>> > I've set up the VPN using with the wizard of the Routing feature

>> > choosing the custom option, and then VPN. I can connect to my server

>> > using VPN, but the IP assigned belong to a different class (or at

>> > least netmask, don't remember) than that of the router. Is this the

>> > right way to create this kind of VPN?

>

> U! Ok, thx! So, to get that working I have to create a "virtual

> adapter" and NAT that one to the LAN. Than make the VPN connect to the

> virtual adapter?

> Is there any way to create a virtual adapter?

 

What gave you that idea! When you connect, click on the icon in the task

bar an see what IP address the client has received. It will also show you

what the server IP address is. Can you ping the server using this address?

Can you ping another machine on the LAN using its IP address? If you used

the default setup, the client should have an IP in the same subnet as your

LAN machines.

 

If that works, your VPN is doing what it should do. What you probably need

is name resolution. Is DNS running on the LAN?

 Share
Go to topic listing
×
×
  • Create New...