troubleshooting Question

Configuring Winroute on Windows 2003 to enable RDP & VPN access.

Avatar of ajaikumarr
ajaikumarr asked on
NetworkingHardware FirewallsDHCP
16 Comments1 Solution1171 ViewsLast Modified:
Hai All,

Below is the settings in my server.
Windows 2003 EE.
  ADS Installed on Windows 2003
  DNS Installed on Windows 2003
  Winroute Firewall v6.1.4 Installed
  (No DHCP, WINS)
  All the users inside the local network are assigned with a static IP's.

Three Network Cards
  1. LAN
     IP   :- 192.168.100.1 (Static)
     Sub  :- 255.255.255.0
     GW   :- <NULL>
     DNS  :- 192.168.100.1
     
  2. ISP 1 (Using this for primary connection. ISP assigns Dynamic IP on router)
     IP   :- 192.168.1.2 (Static)
     Sub  :- 255.255.255.0
     GW   :- 192.168.1.1 (Router IP)
     DNS  :- 192.168.1.1 (Router IP)
     
  3. ISP 2 (Using this for backup & incomming connection. ISP provided Static IP)
     IP   :- 61.11.74.xxx (Static)
     Sub  :- 255.255.252.0
     GW   :- 61.11.72.1 (ISP's GW address)
     DNS1 :- 202.9.145.6 (ISP's DNS address)
     DNS2 :- 202.9.145.7 (ISP's DNS address)

"ISP 1" is primary connection on winroute and "ISP 2" is configured as backup connection which can switch over when the primary connection fails.
     

IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...44 45 53 54 89 88 ...... Kerio VPN adapter
0x10004 ...00 0e 0c 3b e2 ff ...... Intel(R) PRO/1000 MT Network Connection - Virtual Machine Network Services Driver <<LAN>>
0x10005 ...00 e0 4c e3 16 c3 ...... Realtek RTL8139/810x Family Fast Ethernet NIC <<ISP 1>>
0x10006 ...00 08 a1 8f ed aa ...... Realtek RTL8139 Family PCI Fast Ethernet NIC #2 <<ISP 2>>
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       61.11.72.1     61.11.74.xxx     20
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     20
       61.11.72.0    255.255.252.0     61.11.74.xxx     61.11.74.xxx     20
     61.11.74.xxx  255.255.255.255        127.0.0.1        127.0.0.1     20
   61.255.255.255  255.255.255.255     61.11.74.xxx     61.11.74.xxx     20
        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1      1
     169.254.70.0    255.255.255.0   169.254.70.157   169.254.70.157     20
   169.254.70.157  255.255.255.255        127.0.0.1        127.0.0.1     20
  169.254.255.255  255.255.255.255   169.254.70.157   169.254.70.157     20
      192.168.1.0    255.255.255.0      192.168.1.2      192.168.1.2     20
      192.168.1.2  255.255.255.255        127.0.0.1        127.0.0.1     20
    192.168.1.255  255.255.255.255      192.168.1.2      192.168.1.2     20
    192.168.100.0    255.255.255.0    192.168.100.1    192.168.100.1     20
    192.168.100.1  255.255.255.255        127.0.0.1        127.0.0.1     20
  192.168.100.255  255.255.255.255    192.168.100.1    192.168.100.1     20
        224.0.0.0        240.0.0.0     61.11.74.xxx     61.11.74.xxx     20
        224.0.0.0        240.0.0.0   169.254.70.157   169.254.70.157     20
        224.0.0.0        240.0.0.0      192.168.1.2      192.168.1.2     20
        224.0.0.0        240.0.0.0    192.168.100.1    192.168.100.1     20
  255.255.255.255  255.255.255.255     61.11.74.xxx     61.11.74.xxx      1
  255.255.255.255  255.255.255.255   169.254.70.157   169.254.70.157      1
  255.255.255.255  255.255.255.255      192.168.1.2      192.168.1.2      1
  255.255.255.255  255.255.255.255    192.168.100.1    192.168.100.1      1
Default Gateway:        192.168.1.1
===========================================================================
Persistent Routes:
  None

Winroute Configuration
----------------------
Trafic policy
=============
Name          Source          Destination          Service               Translation
RDP          ISP 2          61.11.74.xxx          PPTP              
                    ISP 2               RDP
                    Firewall          TCP 3389
                   
RDP          ISP 2          61.11.74.xxx          PPTP               192.168.100.1
                    ISP 2               RDP
                    Firewall          TCP 3389
                   
What I need to do is,
1. Allow internal users to go through "ISP 1" <Which is working great>.
2. Switch connection "ISP 2" when "ISP 1" connection fails <Which is also working great>.
3. Allow external users to come in (either RDP or VPN) through "ISP 2".
   If I ping this IP it return's the "ISP 1" ip rather than it's own IP.
   If the Default gateway is set to 61.11.72.1 then VPN works fine, but Outgoing connection is going through "ISP 2".
   To change the gateway to 61.11.72.1 I normally disable the "ISP 2" card and re-enable it this makes 61 series as default gateway.

The above structure is because, "ISP 1" does not have restriction on transfer capacity where as "ISP 2" is limited to 1GB/Month. That's why the outgoing connection is routed through "ISP 1" and incomming connection is routed through "ISP 2".

Can somebody guide me to setup Winroute for this situation
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 1 Answer and 16 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 16 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros