Longstreet_1861
asked on
cannot Coonect to internet while trying to configure Nat on win 2003
I am turning my win 2003 into a router via routing and remote access services. I have configured everything per the instructions off of the micro soft site. ONe nic card configured with ISP IP info and the other with my local netwrok info.Niether the machine that is the router nor the rest of my network can connect to the internet.
When opening services for people to use do I do that on the card that accesses the internet or card that access the local network ?
In opening services for everyone to use it asks for an IP address for the packets to go to. I assume this is the cmp[uter that is the router?
Do I need to bridge the two network cards?
Do I need to provide any IP pooling or WAN info from my ISP provider.?
When opening services for people to use do I do that on the card that accesses the internet or card that access the local network ?
In opening services for everyone to use it asks for an IP address for the packets to go to. I assume this is the cmp[uter that is the router?
Do I need to bridge the two network cards?
Do I need to provide any IP pooling or WAN info from my ISP provider.?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
OK, well we can ignore the NAT for the moment (which should be easy anyway).
If your modem is IP 10.1.10.1, it sounds like it is a router. That means it is already doing the NAT for you. Do you want to have the router adn your RRAS server doing NAT, or just one of them?
There's 3 ways to do this.
(1) Double-NAT. Leave your modem as a router, make your RRAS external IP 10.1.10.2 with gateway 10.1.10.1, and then go into the router config page to forward the service ports back to the RRAS 10.1.10.2. On the RRAS NAT, forward the service ports back to the web/server or computers that are providing the services.
(2) Router NAT only. Leave your modem as a router, disable RRAS, let the LAN connect directly to the router, forward the service ports in the router back to the workstations you want.
(3) RRAS NAT only. Set your RRAS server to IP 10.1.10.2 so that you can access the router config page and change the router to bridged mode. Now you can set the RRAS server back to the public IP detaiils you listed above. Forward the ports on the NAT back to the correct workstations.
Your workstations will need a default gateway. Make it the RRAS internal IP for option 1 & 3. Make it 10.1.10.1 for option 2.
Is this making sense?
If your modem is IP 10.1.10.1, it sounds like it is a router. That means it is already doing the NAT for you. Do you want to have the router adn your RRAS server doing NAT, or just one of them?
There's 3 ways to do this.
(1) Double-NAT. Leave your modem as a router, make your RRAS external IP 10.1.10.2 with gateway 10.1.10.1, and then go into the router config page to forward the service ports back to the RRAS 10.1.10.2. On the RRAS NAT, forward the service ports back to the web/server or computers that are providing the services.
(2) Router NAT only. Leave your modem as a router, disable RRAS, let the LAN connect directly to the router, forward the service ports in the router back to the workstations you want.
(3) RRAS NAT only. Set your RRAS server to IP 10.1.10.2 so that you can access the router config page and change the router to bridged mode. Now you can set the RRAS server back to the public IP detaiils you listed above. Forward the ports on the NAT back to the correct workstations.
Your workstations will need a default gateway. Make it the RRAS internal IP for option 1 & 3. Make it 10.1.10.1 for option 2.
Is this making sense?
Sorry I missed my first bit. I was going to say ignore the NAT part and the port forwarding part for the moment, just work on getting an internet connection to the RRAS server. To do this, you need to config the external NIC as in option 3 and then test the connection. Ping the modem, ping the IPS gateway, ping google etc. Then you can decide if you want the modem/router to be a router or a bridge.
ASKER
I have access the the ISP modem and all router services are turned off so I am going to go with option 3. I understand most of it. I have access to the ISP router and I do not see bridge option on the router. What would that look like, I have not doen that before.. Thanks
ASKER
Would bridging be the same thing as creating a static route .
No a static route is different altogether.
Umm the only other word I could think of for bridging is perhaps transparent. If you tell me your router model I'll find a user guide and point you to the right page/menu.
Can you see like a status page that tells you the WAN IP of the router? I'm just curious if it has one or not. If you're not in bridged mode yet, it should be the same public IP that you mentioned. Although turning off routing features should mean you are in bridged mode already.
There's one other thing that concerns me. It could be a security risk posting your actual IP settings, like you did. I'm sorry I didn't mention it, but generally on these posts you'd give fake details. Perhaps you could press the Request Attention button and ask a moderator to edit the settings for you. You could even specify some fake ones of your own choosing.
Umm the only other word I could think of for bridging is perhaps transparent. If you tell me your router model I'll find a user guide and point you to the right page/menu.
Can you see like a status page that tells you the WAN IP of the router? I'm just curious if it has one or not. If you're not in bridged mode yet, it should be the same public IP that you mentioned. Although turning off routing features should mean you are in bridged mode already.
There's one other thing that concerns me. It could be a security risk posting your actual IP settings, like you did. I'm sorry I didn't mention it, but generally on these posts you'd give fake details. Perhaps you could press the Request Attention button and ask a moderator to edit the settings for you. You could even specify some fake ones of your own choosing.
ASKER
the wan address of our is our static IP which was 70.91.192..209 our router is an SMC8014
"My moden ip 10.1.10.1"
But I dont think your modem should not have an IP address, or if it does, it should be the gateway address (10.1.10.1 doesn't match subnets of the other settings you gave.)
If you take a plain old computer(or your server), plug it directly into your DSL modem.
Set the PC's connected nic ip address to 70.92.192.209.
at a command prompt ping the gateway:
ping 70.92.192.210
*this gateway IP should be the modem or ISP equipment at the far end of your dsl line.
If this does not work, you should call your ISP and tell them that test does not work. If your dsl modem need to be reconfigured, they will help you with that.
Are you going to use ISA, what kind of firewall do you have?
But I dont think your modem should not have an IP address, or if it does, it should be the gateway address (10.1.10.1 doesn't match subnets of the other settings you gave.)
If you take a plain old computer(or your server), plug it directly into your DSL modem.
Set the PC's connected nic ip address to 70.92.192.209.
at a command prompt ping the gateway:
ping 70.92.192.210
*this gateway IP should be the modem or ISP equipment at the far end of your dsl line.
If this does not work, you should call your ISP and tell them that test does not work. If your dsl modem need to be reconfigured, they will help you with that.
Are you going to use ISA, what kind of firewall do you have?
Here's your manual http://www.smc.com/files/AA/MN_SMC8014-BIZ.pdf and it seems you're right, there is no bridging. I also notice that this is cable, not DSL, and you modem is called a gateway (usually aka router).
It's possible that Korbus is right, but his directions assume that your modem would already be bridged. I doubt that's the case, because it seems to be a router itself with the public IP on the external side and a 10.x.x.x IP on the private side.
A good test would be this ... Leave the modem on it's normal settings and put the RRAS server's external NIC into DHCP client mode ("automatically assign an IP address" on the TCP/IP settings), and see if it gets a 10.x.x.x IP from the modem. If it does, you should actually be able to browse the net like that.
So really, we're looking at option 1. Now all you need to do is set a static IP of 10.x.x.x on the RRAS's external NIC. Now you need to do the port forwarding on your RRAS and on the SMC modem (see manual p16).
It's possible that Korbus is right, but his directions assume that your modem would already be bridged. I doubt that's the case, because it seems to be a router itself with the public IP on the external side and a 10.x.x.x IP on the private side.
A good test would be this ... Leave the modem on it's normal settings and put the RRAS server's external NIC into DHCP client mode ("automatically assign an IP address" on the TCP/IP settings), and see if it gets a 10.x.x.x IP from the modem. If it does, you should actually be able to browse the net like that.
So really, we're looking at option 1. Now all you need to do is set a static IP of 10.x.x.x on the RRAS's external NIC. Now you need to do the port forwarding on your RRAS and on the SMC modem (see manual p16).
So ... how'd you go?
yeah, how'd ya fix it?
ASKER
external nic card IP address is 70.92.192.209
SUBNET 255.255.255.252
DEFAULT 90.92.192.210
DNS 68.87.68.162
Internal IP 192.168.1.2
subnet 255.255.255.0
no default
ponts to IS DNS
My moden ip 10.1.10.1