Solved

Routing and Remote Access on Domain Controller

Posted on 2007-04-03
6
304 Views
Last Modified: 2013-12-05
Hello all,

I was looking around in DHCP and found that there were 8 IP addesses linked to the domain controller and has RAS listed as the Unique ID.  I have DHCP installed and should I stop using RAS? What other purpose can it be using for my network that is using DHCP?
Thanks
0
Comment
Question by:mancoi
  • 3
  • 3
6 Comments
 

Author Comment

by:mancoi
ID: 18847126
Here is a screen shot of my DHCP console if you re interested.

http://download.yousendit.com/EF3F904C7085A465
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18848165
Do you have RRAS set up to accept VPN connections? If so RRAS reserves 10 DHCP IP's/leases, one for the server itself, and 9 more for VPN clients. If configured to accept more than ten when it runs out of IP's for the VPN clients, it will reserve another 10 DHCP leases..
This is normal behavior. Don;t disable RRAS unless you no not need any of the services it may be supporting such as VPN, routing, NAT, or DHCP relay.
0
 

Author Comment

by:mancoi
ID: 18848411
How can I tell if I am running those services?
I have a VPN router, so I guess I am not using RAS's VPN?
How can I tell if I use it for routing?
I have a WAN modem for NAT? am I in the clear?
I have 2 DC's next to each other on the same netowrk/ subnet. Am I in the clear for not using the DHCP relay?
Are there settings in RAS that I can tell if I am using these services?
Thanks RobWill...
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 18849901
>>"How can I tell if I am running those services?"
You can check the Services Management control panel to see if it is automatic and started, and/or open the RRAS management console and see if there is a red (stopped) or green (started) dot on the server name.

>>"I have a VPN router, so I guess I am not using RAS's VPN?"
That doesn't mean you are not using, but PROBABLY means you don't need it. I have seen both in use. One for IPSec and 1 for PPTP

>>"How can I tell if I use it for routing?"
If the server has 2 NIC's in different subnets you probably are using it for routing.

>>"I have a WAN modem for NAT? am I in the clear?"
Again check for 2 NIC". NAT requires 2. If you have 2 in the RRAS console, expand the server name, then the IP routing icon, right click on NAT (if present, if not it's not in use), click on the address assignment tab, if address assignment is unchecked it's not in use

>>"I have 2 DC's next to each other on the same netowrk/ subnet. Am I in the clear for not using the DHCP relay?"
DC's have nothing to do with it, but easy to check. Open the RRAS console, expand the server, expand the IP routing icon, right click on DHCP Relay Agent and choose properties, if there is no IP in the resulting box, you are not using it. It's possible it is enabled for the VPN clients, but not needed if not using the VPN.

>>"Are there settings in RAS that I can tell if I am using these services?"
Check the VPN. Right click on the server name in RRAS and choose properties, See if "remote access server" is checked. If so VPN is enabled, but you would have to check what your VPN users are connecting to, to see if it is in use.

In the RRAS console don't disable in RRAS by right clicking on the server name but rather right click on the server name and choose all tasks, then stop. Stop will retain the configuration if you re-start. Disabling RRAS will delete the configs, if any.
0
 

Author Comment

by:mancoi
ID: 18850107
Thanks RobWill
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18850125
Very welcome. Thank you mancoi.
Cheers !
--Rob
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

A Cisco router can be configured as a DHCP Server. There are advantages and disadvantages in making your Cisco router work as DHCP Server. Almost all the features for windows DHCP can be configured on Cisco-based DHCP server. Some of the features me…
Have you considered what group policies are backwards and forwards compatible? Windows Active Directory servers and clients use group policy templates to deploy sets of policies within your domain. But, there is a catch to deploying policies. The…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now