Making a dedicated win 2003 website server with 1 nic a VPN server that is hosted by a hosting company (godaddy).

I have a webserver that will host websites that I want to also make a VPN server to allow client machines to run "local" reporting while connected to the VPN.

I installed RAS, DHCP,  and SQL along with IIS for my sites. I can't  for the life of me figure out how to configure RAS to give client machines access to the server for reporting.

Not to mention every time I start RAS the server drops my RDP connection. I create a bat file and task that will disable RAS every minute so I can at least log back in and re-try configurations.

So what I need is a client machine to connect to this server via VPN then DHCP assigns the client a "local IP". All this and still keep websites running. My whole confusion is in the routing I think. I can't figure out how to give the server a "local ip"... It almost sounds like I need a virtual nic. I need help... Thanks in advance!
netadmin2004Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

netadmin2004Author Commented:
Is there someway I can use 1394 as the "2nd nic"??? Kinda sounds like it would work.
0
Rob WilliamsCommented:
>>"s there someway I can use 1394 as the "2nd nic"???"
No, but you don't need a second NIC.

Following link on my website outlines the Server config for the VPN. Works fine for 1 NIC. Likely you are using the wizard (std VPN config) which enables NAT and you loose the connection. Using the custom config, outlined in the link, you will loose connectivity for a few seconds while RRAS configures itself, but you should then be able to log back on without issue.
http://www.lan-2-wan.com/vpns-RRAS-1nic.htm
0
netadmin2004Author Commented:
That got my VPN set up RobWill. Thank you. Please post your solution on this question for me so I can award you those points: http://www.experts-exchange.com/Hardware/Servers/Q_24563986.html

For this question if you can answer my last part. Right now I have 2 static Ips being used, but I want more than this without paying. Is there any way I can assign real IPs with this server without another nic?
0
Newly released Acronis True Image 2019

In announcing the release of the 15th Anniversary Edition of Acronis True Image 2019, the company revealed that its artificial intelligence-based anti-ransomware technology – stopped more than 200,000 ransomware attacks on 150,000 customers last year.

Rob WilliamsCommented:
Good to hear it is working.
I posted a comment on the other as requested,
--Rob
0
netadmin2004Author Commented:
Rob, I award you most points. Any clue on the rest of this question?
0
netadmin2004Author Commented:
Anyone? I'm stuck on creating local IPs. Sure I can set up DHCP, but I would somehow need to assign the server another "internal" IP before doing this. Hence the need for another Nic. Can I do this without another Nic and without purchasing additional IPs? right now I have 2 IPs at my disposal and I'll be needing them shortly.
0
Rob WilliamsCommented:
Can you explain what you mean by "creating local IP's".
The VPN client is assigned an IP by the RRAS DHCP server. When this happens local Internet access is lost due to the routing configured by the VPN client. If you need to maintain local network and Internet access, on the VPN client go to:
 control panel | network connections | right click on the VPN/Virtual adapter and choose properties | Networking | TCP/IP -properties | Advanced | General | un-check  "Use default gateway on remote network"
(for Vista: control panel | network & sharing center | connections | manage network connections | right click on the VPN/Virtual adapter and choose properties | Networking | Internet Protocol Version 4 (TCP/IP v4) -properties | Advanced | IP settings | un-check  "Use default gateway on remote network")
0
netadmin2004Author Commented:
What you are saying is on the client end. What I mean is right now I do not have my VPN using DHCP. I only have 2 IP addresses that my clients can use to connect using. What my goal is, is to set up DHCP to give out more IPs so that I don't have to buy dedicated IP addresses. This calls for a local network setup behind my server. Since I am doing this all remote it's not like I can buy a router and set this up. I have to use the server as a router and DHCP and assign local IPs. The problem is, is that the server needs to have one of these internal or local IP addresses yet I only have one NIC that has a dedicated IP assigned to it. I need to sort of trick my server into thinking it's hosting this "vast" local network when really all it is doing is dishing out free IP addresses for my VPN users.
0
Rob WilliamsCommented:
I don't understand why you need multiple IP addresses on the server. You can have 100 users connect to one Server IP using a VPN.
0
netadmin2004Author Commented:
How would these 100 users get assigned IPs if no IPs are given to them by the server? Keep in mind, there is no router. And as I recall shouldn't you be allowed up to 254 users since a local IP scope holds 254 usable addresses?

When a client connect to a VPN server they get assigned an IP (either static or dynamic depending if there is a DHCP server). I have 2 static IPs assigned and that is all I have so my VPN is set up with only a max of 2 users that can connect. If DHCP is set up then there has to be a scope setup, but that scope must also contain the server on the scope.

Example: Say I have a server that has an external IP of 74.125.127.100. The client would connect to this IP using the VPN connection. The server also has an internal IP of 192.168.50.2 and is running DHCP (this would be the local network). DHCP hands out an IP of 192.168.50.3 to the client and now the client machine can connect. Using this scenerio I can have 253 users connected.

I'm missing the internal network. So far this is because I have no second NIC. I also cannot get a second NIC from godaddy as they do not support this.
0
Rob WilliamsCommented:
Ah! I understand what you are saying now. Sorry, I should have explained.
You don't have to create the static address pool in the same subnet as your existing adapter. The internal VPN DHCP service creates a virtual adapter on the server when the user connects, and will act as a DHCP server for the VPN clients and assign them an IP in the Static Address Pool.
For example if on your server you set a static address pool of 192.168.100.100 to 192.168.100.199, when the first user connects it will create a virtual adapter for the server which will use the first available IP of 192.168.100.100  If you run an ipconfig on the server you will see that, but not until the first user connects. The users can then access the server using the VPN addressing, not the public IP addressing such as \\192.168.100.100\ShareName
If for some reason you need to use the public IP of the server , via VPN,you would have to add a route to the client machine, but I don't recommend this as it could cause problems when not connected to the VPN.

As for 100 users, that was just a random number. You can have thousands of users if you want to set the static address pool that large such as 192.168.100.1 to 192.168.200.254 however, you only need as many available IP's as you have concurrent users, and keep in mind you are limited by the capabilities of the hardware and the bandwidth of the server connection.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
netadmin2004Author Commented:
Holy crap Rob, you're awesome thanks for that info! You made my day! That was the best exmplanation I could have asked for!
0
netadmin2004Author Commented:
"explanation" not "exmplanation"... That's what I get for writing too quick..
0
netadmin2004Author Commented:
awesome...
0
Rob WilliamsCommented:
Glad to hear that will work for you. Sorry I was slow to catch on to what the problem was.
Thanks netadmin2004.
Cheers
--Rob

PS- the following may give you a little more information on RRAS DHCP:
http://msmvps.com/blogs/robwill/archive/2008/05/09/rras-dhcp-options.aspx
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.