Frosty555
asked on
Windows Server 2003 + NAT + DSL - ought to be easy
This one should be easy for anyone who knows what they're doing :)
I have a machine running Windows Server 2003, which I want to be my router/dhcp server/wins server for my small network. My internet is provided by Primus Canada, which is a high speed DSL provider. The little modem that came with my internet is configured in "bridge" mode. My internet uses dynamic IPs, and dynamic DNS server IP's.
My Server is already the DHCP server and WINS server and the LAN is working perfectly. All computers can talk to each other, as well as the server.
There are two NICs in the server. One connects to my switch on the lan side (call it the LAN NIC), the other goes to the primus modem (call it the WAN NIC). The LAN NIC has a static IP, the WAN NIC has an automatic IP.
Then I added an "Internet Connection" via Add New Connection Wizard, configured it for PPPoE to connect to the internet. It connects fine.
Then I configured Routing + Remote Access, setting it up as a "NAT/VPN", and selecting the WAN NIC as the network device that has the internet. Turned it on, everything seems fine. The DHCP server is allocating IP's in preparation for VPN clients just fine.
My SERVER has the internet now, and does all the LAN based routing for my entire network just fine.
PROBLEMS:
1) The "WAN NIC" never gets an IP. Even though the internet works. Always says "Limited or no connectivity". See the code snippet, you'll see the IP is the default invalid one.
2) Client's cannot connect to the internet. Probably because the "WAN NIC" isn't actually connected to anything, and I don't know why. Something wrong with my Routing + Remote Access settings?
3) Primus provides two DNS servers. You can see them in the code snippet under "PPP adapter", but how do I configure DHCP to use those addresses?
I have a machine running Windows Server 2003, which I want to be my router/dhcp server/wins server for my small network. My internet is provided by Primus Canada, which is a high speed DSL provider. The little modem that came with my internet is configured in "bridge" mode. My internet uses dynamic IPs, and dynamic DNS server IP's.
My Server is already the DHCP server and WINS server and the LAN is working perfectly. All computers can talk to each other, as well as the server.
There are two NICs in the server. One connects to my switch on the lan side (call it the LAN NIC), the other goes to the primus modem (call it the WAN NIC). The LAN NIC has a static IP, the WAN NIC has an automatic IP.
Then I added an "Internet Connection" via Add New Connection Wizard, configured it for PPPoE to connect to the internet. It connects fine.
Then I configured Routing + Remote Access, setting it up as a "NAT/VPN", and selecting the WAN NIC as the network device that has the internet. Turned it on, everything seems fine. The DHCP server is allocating IP's in preparation for VPN clients just fine.
My SERVER has the internet now, and does all the LAN based routing for my entire network just fine.
PROBLEMS:
1) The "WAN NIC" never gets an IP. Even though the internet works. Always says "Limited or no connectivity". See the code snippet, you'll see the IP is the default invalid one.
2) Client's cannot connect to the internet. Probably because the "WAN NIC" isn't actually connected to anything, and I don't know why. Something wrong with my Routing + Remote Access settings?
3) Primus provides two DNS servers. You can see them in the code snippet under "PPP adapter", but how do I configure DHCP to use those addresses?
IPCONFIG /ALL
Windows IP Configuration
Host Name . . . . . . . . . . . . : quasimodo
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
Ethernet adapter LAN NIC 100mbps:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : SOHOware 10/100 PCI Network Adapter
Physical Address. . . . . . . . . : 00-80-C6-EB-CD-2E
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.200
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
Primary WINS Server . . . . . . . : 192.168.1.200
Ethernet adapter WAN NIC 10mbps:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel 21041-Based PCI Ethernet Adapter (
eneric) #2
Physical Address. . . . . . . . . : 00-E0-29-25-75-A9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Autoconfiguration IP Address. . . : 169.254.242.156
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
PPP adapter Primus High Speed Internet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 202.102.35.161
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 216.254.141.13
209.90.160.220
NetBIOS over Tcpip. . . . . . . . : Disabled
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
KDearing, you expressed concern about exposing the computer to the internet like this.
I have configured the basic firewall, currently it doesn't let ANYTHING through. I have successfully tested that my server's FTP server, IIS (web server), filesharing, and remote desktop are not accessible from other computers on the internet, even though those services are enabled and accessible on my LAN. Is there anything further I should be concerned about?
I have configured the basic firewall, currently it doesn't let ANYTHING through. I have successfully tested that my server's FTP server, IIS (web server), filesharing, and remote desktop are not accessible from other computers on the internet, even though those services are enabled and accessible on my LAN. Is there anything further I should be concerned about?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I take back point (4) on my comment #22733716. My DHCP server had the dns settings hardcoded in. NAT doesn't do anything related to relaying dns addresses to clients.
All seems to be well, provided my DHCP server has the dns settings hard coded in. If those dns settings ever change I will have problems until I fix it, though, and that doesn't really go with the set-it-and-forget-it mentality...
I'm actually on a workgroup, but WINS server is handling my computer name resolution. Are you suggesting that Quasimodo (that's the name of my server) be a DNS server as well? Will that cause any slowdowns as far as DNS name resolution for clients on the network goes?
I'm getting my hands on ICA server 2004 now. I'll see what I can do about using it instead of Windows Firewall.
All seems to be well, provided my DHCP server has the dns settings hard coded in. If those dns settings ever change I will have problems until I fix it, though, and that doesn't really go with the set-it-and-forget-it mentality...
I'm actually on a workgroup, but WINS server is handling my computer name resolution. Are you suggesting that Quasimodo (that's the name of my server) be a DNS server as well? Will that cause any slowdowns as far as DNS name resolution for clients on the network goes?
I'm getting my hands on ICA server 2004 now. I'll see what I can do about using it instead of Windows Firewall.
If you're not using your server as a Domain Controller, then you're good.
ASKER
Whoops, I already set it up. But it's working well enough. Oh well.
Thank you for your help, I'm really glad I got this working finally.
Thank you for your help, I'm really glad I got this working finally.
ASKER
KDearing: I need to host a website using IIS on the server. My modem's built in DHCP server is pathetic, you can't even change the DHCP's IP range. If you think I should put ISA on the computer, I can do that so long as you help me configure it :)
I tried hard coding the DNS servers into my DHCP server (e.g. I set the scope option so that DNS servers are 216.254.141.13 and 209.90.160.220. I even tried just setting up a static DNS on the client. Still no internet.
What else should I try? Or what other info do you guys need?