Configuring a VPN on Win Server 3
This has been a confusing topic for me. My work on Cisco routers, VPN concentrators and clients seems to be unrelated to Windows' approach. Plus setting up RRAS is very black-boxy and my textbook gives the advice, “Better use the Wizard so it don’t get screwed up.” Thanks.
I wanted to set this up on the slower Win Server and hook it through the ZoomTown ISP via the Linksys router. It has settings to pass through PPTP, L2TP and IPSec. Okay, no configuration there. Just turn it on (it is on by default).
So let's install another NIC in the second server, redboot69, and, oh yeah, it needs an IP. Wait, it needs another network. Okay, the Linux LTSP is using 192.168.0.x/24, main net is 192.168.1.x/24, so let's make this 192.168.2.x/24. Changed Windows DHCP server– No, that’s not right, it won’t work on a separate net without DHCP Relay. Let’s change the Linksys DHCP to use .2.x. Okay, that hands the new NIC a whole set of new parameters. But wait, let’s put that in statically and Windows gives the error:
It does NOT want there to be two default gateways.
When it has automatically set this up using DHCP from the router, the route print command gives a goofy setup:
Note there are two default routes (0.0.0.0). So then I set up the 2nd NIC without a default gateway and without a DNS, and we get:
and a route print of:
Looks better, though still not sure what it does with the redundant multicast and broadcast lines. Does it send to both? I guess that’d make sense.
So now it’s on to setting this up. It occurs to me that the ZoomTown IP changes regularly but the RoadRunner IP never does. So, let’s set the main to use the ZoomTown (ZT) router. To do list is:
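As an added example (not from the original post): a small Python check over `route print` output that flags the two-default-gateway condition described above and lists destinations that appear on more than one interface, such as the multicast rows. The sample table, including the 192.168.1.69 address, is constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the IPv4 "Active Routes" table printed by
# Windows `route print`. Addresses are illustrative, not the post's real output.
SAMPLE_TWO_GATEWAYS = """\
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.69     20
          0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.69     20
      192.168.1.0    255.255.255.0     192.168.1.69    192.168.1.69     20
      192.168.2.0    255.255.255.0     192.168.2.69    192.168.2.69     20
        224.0.0.0        240.0.0.0     192.168.1.69    192.168.1.69     20
        224.0.0.0        240.0.0.0     192.168.2.69    192.168.2.69     20
"""

IPV4 = r"(?:\d{1,3}\.){3}\d{1,3}"
ROW = re.compile(rf"^\s*({IPV4})\s+({IPV4})\s+(\S+)\s+({IPV4})\s+(\d+)\s*$")

def parse_routes(text):
    """Return one dict per route row; headers and separators are skipped."""
    keys = ("dest", "mask", "gateway", "interface", "metric")
    rows = [dict(zip(keys, m.groups())) for m in map(ROW.match, text.splitlines()) if m]
    for r in rows:
        r["metric"] = int(r["metric"])
    return rows

def default_routes(routes):
    """All 0.0.0.0/0.0.0.0 entries, lowest metric first."""
    hits = [r for r in routes if r["dest"] == r["mask"] == "0.0.0.0"]
    return sorted(hits, key=lambda r: r["metric"])

def ambiguous_default(routes):
    """True when two or more default routes tie on the lowest metric."""
    d = default_routes(routes)
    return len(d) > 1 and d[0]["metric"] == d[1]["metric"]

def duplicated_destinations(routes):
    """Destinations that appear on more than one interface, e.g. multicast."""
    seen = defaultdict(set)
    for r in routes:
        seen[f'{r["dest"]}/{r["mask"]}'].add(r["interface"])
    return {dest: sorted(ifs) for dest, ifs in seen.items() if len(ifs) > 1}

if __name__ == "__main__":
    routes = parse_routes(SAMPLE_TWO_GATEWAYS)
    for r in default_routes(routes):
        print("default via", r["gateway"], "on", r["interface"], "metric", r["metric"])
    print("ambiguous default route:", ambiguous_default(routes))
    print("on more than one interface:", duplicated_destinations(routes))
```

When two default routes tie on metric, the table alone does not say which gateway outbound traffic will take, which matters on a server that is about to terminate VPN connections on one of those interfaces.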
- Change the DHCP leases from 2 days to 2 hours so I can make this change effective quickly.
- Change DHCP option for DNS to have a backup of ZT DNS servers
- Update the WinSrv2003 DHCP
- Turn off DHCP on the ZT router
- Change ZT router IP to 192.168.1.1 and turn it off
- Change WinSrv2003 DNS server to forward to ZT DNS servers (220.127.116.11 & 18.104.22.168) Actually just added these and pushed them to top of list
- Change RR router IP to 192.168.2.1
- Removed cable from basement RR router. Turned on ZT router and cabled over to regular hub.
- Visited workstations with wireless connections and switched default Access Point to “TheLab” instead of “wescott”
- Unplugged basement PC and plugged in long cord and plugged other end of long cord into common hub upstairs. I will need to move this computer to wireless so I can get it onto .1 network.
Tried to connect to 192.168.2.1 from reboot69 and Firefox couldn’t get to it, nor could I ping it. I could ping 192.168.2.69 (itself). Hmm. Downloaded Angry IP and only got: