Solved

Making a dedicated win 2003 website server with 1 nic a VPN server that is hosted by a hosting company (godaddy).

Posted on 2009-07-13
15
320 Views
Last Modified: 2013-11-21
I have a webserver that will host websites that I want to also make a VPN server to allow client machines to run "local" reporting while connected to the VPN.

I installed RAS, DHCP,  and SQL along with IIS for my sites. I can't  for the life of me figure out how to configure RAS to give client machines access to the server for reporting.

Not to mention every time I start RAS the server drops my RDP connection. I create a bat file and task that will disable RAS every minute so I can at least log back in and re-try configurations.

So what I need is a client machine to connect to this server via VPN then DHCP assigns the client a "local IP". All this and still keep websites running. My whole confusion is in the routing I think. I can't figure out how to give the server a "local ip"... It almost sounds like I need a virtual nic. I need help... Thanks in advance!
0
Comment
Question by:netadmin2004
  • 9
  • 6
15 Comments
 

Author Comment

by:netadmin2004
ID: 24846003
Is there someway I can use 1394 as the "2nd nic"??? Kinda sounds like it would work.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 24849608
>>"s there someway I can use 1394 as the "2nd nic"???"
No, but you don't need a second NIC.

Following link on my website outlines the Server config for the VPN. Works fine for 1 NIC. Likely you are using the wizard (std VPN config) which enables NAT and you loose the connection. Using the custom config, outlined in the link, you will loose connectivity for a few seconds while RRAS configures itself, but you should then be able to log back on without issue.
http://www.lan-2-wan.com/vpns-RRAS-1nic.htm
0
 

Author Comment

by:netadmin2004
ID: 24851542
That got my VPN set up RobWill. Thank you. Please post your solution on this question for me so I can award you those points: http://www.experts-exchange.com/Hardware/Servers/Q_24563986.html

For this question if you can answer my last part. Right now I have 2 static Ips being used, but I want more than this without paying. Is there any way I can assign real IPs with this server without another nic?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 77

Expert Comment

by:Rob Williams
ID: 24851580
Good to hear it is working.
I posted a comment on the other as requested,
--Rob
0
 

Author Comment

by:netadmin2004
ID: 24852723
Rob, I award you most points. Any clue on the rest of this question?
0
 

Author Comment

by:netadmin2004
ID: 24853614
Anyone? I'm stuck on creating local IPs. Sure I can set up DHCP, but I would somehow need to assign the server another "internal" IP before doing this. Hence the need for another Nic. Can I do this without another Nic and without purchasing additional IPs? right now I have 2 IPs at my disposal and I'll be needing them shortly.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 24854320
Can you explain what you mean by "creating local IP's".
The VPN client is assigned an IP by the RRAS DHCP server. When this happens local Internet access is lost due to the routing configured by the VPN client. If you need to maintain local network and Internet access, on the VPN client go to:
 control panel | network connections | right click on the VPN/Virtual adapter and choose properties | Networking | TCP/IP -properties | Advanced | General | un-check  "Use default gateway on remote network"
(for Vista: control panel | network & sharing center | connections | manage network connections | right click on the VPN/Virtual adapter and choose properties | Networking | Internet Protocol Version 4 (TCP/IP v4) -properties | Advanced | IP settings | un-check  "Use default gateway on remote network")
0
 

Author Comment

by:netadmin2004
ID: 24854786
What you are saying is on the client end. What I mean is right now I do not have my VPN using DHCP. I only have 2 IP addresses that my clients can use to connect using. What my goal is, is to set up DHCP to give out more IPs so that I don't have to buy dedicated IP addresses. This calls for a local network setup behind my server. Since I am doing this all remote it's not like I can buy a router and set this up. I have to use the server as a router and DHCP and assign local IPs. The problem is, is that the server needs to have one of these internal or local IP addresses yet I only have one NIC that has a dedicated IP assigned to it. I need to sort of trick my server into thinking it's hosting this "vast" local network when really all it is doing is dishing out free IP addresses for my VPN users.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 24856131
I don't understand why you need multiple IP addresses on the server. You can have 100 users connect to one Server IP using a VPN.
0
 

Author Comment

by:netadmin2004
ID: 24858869
How would these 100 users get assigned IPs if no IPs are given to them by the server? Keep in mind, there is no router. And as I recall shouldn't you be allowed up to 254 users since a local IP scope holds 254 usable addresses?

When a client connect to a VPN server they get assigned an IP (either static or dynamic depending if there is a DHCP server). I have 2 static IPs assigned and that is all I have so my VPN is set up with only a max of 2 users that can connect. If DHCP is set up then there has to be a scope setup, but that scope must also contain the server on the scope.

Example: Say I have a server that has an external IP of 74.125.127.100. The client would connect to this IP using the VPN connection. The server also has an internal IP of 192.168.50.2 and is running DHCP (this would be the local network). DHCP hands out an IP of 192.168.50.3 to the client and now the client machine can connect. Using this scenerio I can have 253 users connected.

I'm missing the internal network. So far this is because I have no second NIC. I also cannot get a second NIC from godaddy as they do not support this.
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 24859111
Ah! I understand what you are saying now. Sorry, I should have explained.
You don't have to create the static address pool in the same subnet as your existing adapter. The internal VPN DHCP service creates a virtual adapter on the server when the user connects, and will act as a DHCP server for the VPN clients and assign them an IP in the Static Address Pool.
For example if on your server you set a static address pool of 192.168.100.100 to 192.168.100.199, when the first user connects it will create a virtual adapter for the server which will use the first available IP of 192.168.100.100  If you run an ipconfig on the server you will see that, but not until the first user connects. The users can then access the server using the VPN addressing, not the public IP addressing such as \\192.168.100.100\ShareName
If for some reason you need to use the public IP of the server , via VPN,you would have to add a route to the client machine, but I don't recommend this as it could cause problems when not connected to the VPN.

As for 100 users, that was just a random number. You can have thousands of users if you want to set the static address pool that large such as 192.168.100.1 to 192.168.200.254 however, you only need as many available IP's as you have concurrent users, and keep in mind you are limited by the capabilities of the hardware and the bandwidth of the server connection.
0
 

Author Comment

by:netadmin2004
ID: 24859598
Holy crap Rob, you're awesome thanks for that info! You made my day! That was the best exmplanation I could have asked for!
0
 

Author Comment

by:netadmin2004
ID: 24859609
"explanation" not "exmplanation"... That's what I get for writing too quick..
0
 

Author Closing Comment

by:netadmin2004
ID: 31603098
awesome...
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 24859700
Glad to hear that will work for you. Sorry I was slow to catch on to what the problem was.
Thanks netadmin2004.
Cheers
--Rob

PS- the following may give you a little more information on RRAS DHCP:
http://msmvps.com/blogs/robwill/archive/2008/05/09/rras-dhcp-options.aspx
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Fresh Exchange 2016 CU3 install, Server 2016 - w3wp.exe 100% CPU 7 111
shadow copies 7 77
AD Replications issues 12 106
Domain Trusts - Define AD Servers and Sites 9 63
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found listed in my profile here: http:…
Know what services you can and cannot, should and should not combine on your server.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question