Hi everyone,
I'm new here, so please take it easy on me, and bear with me, it's a doozy...
I just set up a domain for the medium-sized office I work for. I installed Windows 2000 Server on the server machine, registered a domain name (inmobilex.com), and set up DNS server/Active Directory/DHCP using the domain name. I'm trying to set up some kind of remote access (VPN or remote domain log in) for the boss, who wants to work from home, but I am having some probs.
Here's the situation: Our microwave antenna ISP here in Mexico (GTEL) provides us with a range of static IP addresses that are INTERNAL to THEIR networks, from which we can access the external internet for web browsing/chatting/etc. As a courtesy, they can provide their customers (like us) with "aliases" or "redirections" to some of their external IP addresses, I guess because they have a limited number of public IPs. So, from the internal IP range we're assigned, we can designate a few of our internal IP addresses to be "open to the public" by having them referenced by some of the ISP's public/external IP addresses.
NOTE: Our ISP recently shut down ICMP/ping traffic due to worms (I think), because no pinging goes either in or out of the office, but the connections in and out are definitely still active.
Our internal IP range is 10.2.24.2 ---> 10.2.24.254, subnet mask 255.255.255.0. The non-DHCP "router" / MW device / ISP gateway installed on the wall, which connects to the MW antenna, is at "10.2.24.1". From this device, the connection goes into a switch, and from the switch, connections go out to all clients and the win2k server. The server in question is statically set up on IP "10.2.24.220". This IP address (10.2.24.220) is referenced by "63.110.190.40" on the public internet by means of our ISP's routing. I don't know exactly how the ISP has this routing system set up; I only know that they're also running win2k servers as far as their DNS servers go, so I'm assuming it might be win2k servers "all around" in their net. I also know that I can't just manually change the IP of the server to the external IP (63.110.190.40 instead of 10.2.24.220), because the ISP won't accept/route it.
I initially had problems setting up the domain and DNS server because the server "knows itself" to be located at "10.2.24.220" and not "63.110.190.40", so it couldn't make the connection between where the public internet believed the domain to be (63.110.190.40) and where the server thought it should be (10.2.24.220). For the office intranet domain/Active Directory, it was no problem because all of the clients were on the same internal net segment and could deal with resolving the 10.2.24.220 address for AD/DNS query results. Since the same machine has to be the IIS server, I had to add "www" host records to DNS for both the internal and external addresses (10.2.24.220 and 63.110.190.40) in order for people both inside and outside the office to access the website. Whew... what a mouthful.
OK, so now here's the big problem: trying to get some kind of remote access going. I'm assuming that upon trying to resolve a domain or VPN log on request, the server and client return their internal IP addresses, so I keep getting "network path not found" because I "think" that the remote computer is trying to find "10.2.24.220", not "63.110.190.40". I've tried to add my PC (at home behind a cable router) to the office domain using a domain admin account (shouldn't I be able to do this???), and I manage to get to the domain membership authorization window ("enter name/pw of a domain user with rights to add this comp to domain"), and then get a "net path not found" error. Upon going to the office the next day, I'll see a new host record in DNS of the username I was utilizing in trying to connect to the office, but with the INTERNAL IP address of my home PC (192.168.1.100; behind cable router). Trying to set up a VPN gets even more confusing, based on the same scenario. The boss won't want to spend $$ for a VPN router, as he already has a regular cable router, so I was hoping to just go with win2k Pro's VPN net connection option. I'm really stumped as to how to make the internal IP ---> external IP connections. PLEASE HELP.