routing internal network IP to outside network (through adsl route

I am trying to route our IP on the 'inside' network to the 'outside' network.
The 'outside' network is connected to a ADSL modem/router which uses PPPoe
to connect to the internet and to a NIC on a Win2K Server. The 'inside' in
connected on a 2nd NIC on the same Win2K Server. I can access the internet
through the 'outside' network on the Server and access the 'inside' computers
also from the server.

I used RRA and used the 'Configure and enable RRA' wizard on the server,
selected the 'Internet connection server' then the Setup a router with NAT,
then selected 'outside' as the 'Use the slected Internet connection, then
selected 'inside' as the routing interface to have the shared Internet access.

I then tried to ping an internet address on the server. It translated the
www.xxx.com to an IP address but the got timeouts for the ping of that IP
address. If I disable RRA it works again.

I am obviously doing something wrong. Anybody have some ideas?

The following is the ipconfig/all before enabling RRA. The only difference
after enable RRA is the IP routing enable is 'yes'
Windows 2000 IP Configuration



Host Name . . . . . . . . . . . . : seir1srv
Primary DNS Suffix . . . . . . . : SEIRCORP.seir.com
Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : SEIRCORP.seir.com
lan
seir.com

Ethernet adapter wireless:



Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Linksys LNE100TX(v5) Fast Ethernet
Adapter #3
Physical Address. . . . . . . . . : 00-0C-41-ED-C7-D4

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.202

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.3

DHCP Server . . . . . . . . . . . : 192.168.0.3

DNS Servers . . . . . . . . . . . : 10.10.1.1
Lease Obtained. . . . . . . . . . : Friday, September 24, 2004 8:55:55 AM

Lease Expires . . . . . . . . . . : Saturday, September 25, 2004 8:55:55 AM


Ethernet adapter outside:



Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Linksys LNE100TX(v5) Fast Ethernet
Adapter #2
Physical Address. . . . . . . . . : 00-0C-41-EF-A2-72

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.101

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1
Lease Obtained. . . . . . . . . . : Friday, September 24, 2004 9:21:46 AM

Lease Expires . . . . . . . . . . : Saturday, September 25, 2004 9:21:46 AM


Ethernet adapter notused:



Media State . . . . . . . . . . . : Cable Disconnected

Description . . . . . . . . . . . : Intel(R) 82559 Fast Ethernet LAN on
Motherboard
Physical Address. . . . . . . . . : 00-30-48-10-8D-6A


Ethernet adapter Inside:



Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Linksys LNE100TX(v5) Fast Ethernet
Adapter
Physical Address. . . . . . . . . : 00-03-6D-20-25-8C

DHCP Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 10.10.1.1

Subnet Mask . . . . . . . . . . . : 255.0.0.0

Default Gateway . . . . . . . . . :

DNS Servers . . . . . . . . . . . : 127.0.0.1

Your server has three adapters, with three IP addresses, two different dns servers
configured, two default gateways, and appears to be a member of a domain. A Windows
computer can use only one default gateway at a time. Any others listed can only be
used for dead gateway detection. So it may be using the wrong default gateway.

Since you have a DSL router already, I would scrap using the server to use rras/NAT
[unless you need it for VPN] and simply have all the computers use your DSL router's
lan side IP address as their default gateway. If your server is in an AD Domain, you
should not use the DHCP on the router and instead use DHCP on an internal server
which performs functions other than issuing tcp/ip configuration including
registering dns pointer records. Unless you have a reason to have so many adapters,
your server will work better with only one network adapter on the lan subnet -
particularly if it is a domain controller. DNS configuration is critical in an Active
Directory domain as described in the link below for Active Directory dns FAQ. I think
if you simplify your networking configuration, things will work better. --- Steve

http://support.microsoft.com/default...en-us%3B291382 -- also shows how
to configure domain computers for internet DNS name resolution.

"mark reg" <mark (E-Mail Removed)> wrote in message
news:0FB8D963-92AE-408D-BEB9-(E-Mail Removed)...
>I am trying to route our IP on the 'inside' network to the 'outside' network.
> The 'outside' network is connected to a ADSL modem/router which uses PPPoe
> to connect to the internet and to a NIC on a Win2K Server. The 'inside' in
> connected on a 2nd NIC on the same Win2K Server. I can access the internet
> through the 'outside' network on the Server and access the 'inside' computers
> also from the server.
>
> I used RRA and used the 'Configure and enable RRA' wizard on the server,
> selected the 'Internet connection server' then the Setup a router with NAT,
> then selected 'outside' as the 'Use the slected Internet connection, then
> selected 'inside' as the routing interface to have the shared Internet access.
>
> I then tried to ping an internet address on the server. It translated the
> www.xxx.com to an IP address but the got timeouts for the ping of that IP
> address. If I disable RRA it works again.
>
> I am obviously doing something wrong. Anybody have some ideas?
>
> The following is the ipconfig/all before enabling RRA. The only difference
> after enable RRA is the IP routing enable is 'yes'
> Windows 2000 IP Configuration
>
>
>
> Host Name . . . . . . . . . . . . : seir1srv
> Primary DNS Suffix . . . . . . . : SEIRCORP.seir.com
> Node Type . . . . . . . . . . . . : Broadcast
>
> IP Routing Enabled. . . . . . . . : No
>
> WINS Proxy Enabled. . . . . . . . : No
>
> DNS Suffix Search List. . . . . . : SEIRCORP.seir.com
> lan
> seir.com
>
> Ethernet adapter wireless:
>
>
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : Linksys LNE100TX(v5) Fast Ethernet
> Adapter #3
> Physical Address. . . . . . . . . : 00-0C-41-ED-C7-D4
>
> DHCP Enabled. . . . . . . . . . . : Yes
>
> Autoconfiguration Enabled . . . . : Yes
>
> IP Address. . . . . . . . . . . . : 192.168.0.202
>
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
>
> Default Gateway . . . . . . . . . : 192.168.0.3
>
> DHCP Server . . . . . . . . . . . : 192.168.0.3
>
> DNS Servers . . . . . . . . . . . : 10.10.1.1
> Lease Obtained. . . . . . . . . . : Friday, September 24, 2004 8:55:55 AM
>
> Lease Expires . . . . . . . . . . : Saturday, September 25, 2004 8:55:55 AM
>
>
> Ethernet adapter outside:
>
>
>
> Connection-specific DNS Suffix . : lan
> Description . . . . . . . . . . . : Linksys LNE100TX(v5) Fast Ethernet
> Adapter #2
> Physical Address. . . . . . . . . : 00-0C-41-EF-A2-72
>
> DHCP Enabled. . . . . . . . . . . : Yes
>
> Autoconfiguration Enabled . . . . : Yes
>
> IP Address. . . . . . . . . . . . : 192.168.1.101
>
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
>
> Default Gateway . . . . . . . . . : 192.168.1.1
>
> DHCP Server . . . . . . . . . . . : 192.168.1.1
>
> DNS Servers . . . . . . . . . . . : 192.168.1.1
> Lease Obtained. . . . . . . . . . : Friday, September 24, 2004 9:21:46 AM
>
> Lease Expires . . . . . . . . . . : Saturday, September 25, 2004 9:21:46 AM
>
>
> Ethernet adapter notused:
>
>
>
> Media State . . . . . . . . . . . : Cable Disconnected
>
> Description . . . . . . . . . . . : Intel(R) 82559 Fast Ethernet LAN on
> Motherboard
> Physical Address. . . . . . . . . : 00-30-48-10-8D-6A
>
>
> Ethernet adapter Inside:
>
>
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : Linksys LNE100TX(v5) Fast Ethernet
> Adapter
> Physical Address. . . . . . . . . : 00-03-6D-20-25-8C
>
> DHCP Enabled. . . . . . . . . . . : No
>
> IP Address. . . . . . . . . . . . : 10.10.1.1
>
> Subnet Mask . . . . . . . . . . . : 255.0.0.0
>
> Default Gateway . . . . . . . . . :
>
> DNS Servers . . . . . . . . . . . : 127.0.0.1
>

Steven,

Thank you for your suggestions. I did get the networks up and running.
Here's what I did.

We do have a field office we will be connecting through VPN. So we did want
to use RRAS.

The problems that needed to be corrected were:
the one you noticed was the 2 default gateways, both were automatically
assigned, removing the one from the 'wireless' network resolved the Server's
pinging problems.
The other was in the KB 291382 you suggested looking at. There was a "."
entry in the DNS forward look up table that prevented the 'inside' net from
getting 'outside'. Deleting this entry resolved the problem.

We also set the default gateway on the client machines to point to the
Server. (not the ADSL router)

Our goal was to have three subnets. An 'internal' network that can access
the server and Internet, a 'wireless' network that only accesses the server
and doesn't have access to the 'internal' network and an 'outside' network
that will allow a VPN with a remote office that only has access to the server.

Thank you for your help.

"Steven L Umbach" wrote:

> Your server has three adapters, with three IP addresses, two different dns servers
> configured, two default gateways, and appears to be a member of a domain. A Windows
> computer can use only one default gateway at a time. Any others listed can only be
> used for dead gateway detection. So it may be using the wrong default gateway.
>
> Since you have a DSL router already, I would scrap using the server to use rras/NAT
> [unless you need it for VPN] and simply have all the computers use your DSL router's
> lan side IP address as their default gateway. If your server is in an AD Domain, you
> should not use the DHCP on the router and instead use DHCP on an internal server
> which performs functions other than issuing tcp/ip configuration including
> registering dns pointer records. Unless you have a reason to have so many adapters,
> your server will work better with only one network adapter on the lan subnet -
> particularly if it is a domain controller. DNS configuration is critical in an Active
> Directory domain as described in the link below for Active Directory dns FAQ. I think
> if you simplify your networking configuration, things will work better. --- Steve
>
> http://support.microsoft.com/default...en-us%3B291382 -- also shows how
> to configure domain computers for internet DNS name resolution.
>
> "mark reg" <mark (E-Mail Removed)> wrote in message
> news:0FB8D963-92AE-408D-BEB9-(E-Mail Removed)...
> >I am trying to route our IP on the 'inside' network to the 'outside' network.
> > The 'outside' network is connected to a ADSL modem/router which uses PPPoe
> > to connect to the internet and to a NIC on a Win2K Server. The 'inside' in
> > connected on a 2nd NIC on the same Win2K Server. I can access the internet
> > through the 'outside' network on the Server and access the 'inside' computers
> > also from the server.
> >
> > I used RRA and used the 'Configure and enable RRA' wizard on the server,
> > selected the 'Internet connection server' then the Setup a router with NAT,
> > then selected 'outside' as the 'Use the slected Internet connection, then
> > selected 'inside' as the routing interface to have the shared Internet access.
> >
> > I then tried to ping an internet address on the server. It translated the
> > www.xxx.com to an IP address but the got timeouts for the ping of that IP
> > address. If I disable RRA it works again.
> >
> > I am obviously doing something wrong. Anybody have some ideas?
> >
> > The following is the ipconfig/all before enabling RRA. The only difference
> > after enable RRA is the IP routing enable is 'yes'
> > Windows 2000 IP Configuration
> >
> >
> >
> > Host Name . . . . . . . . . . . . : seir1srv
> > Primary DNS Suffix . . . . . . . : SEIRCORP.seir.com
> > Node Type . . . . . . . . . . . . : Broadcast
> >
> > IP Routing Enabled. . . . . . . . : No
> >
> > WINS Proxy Enabled. . . . . . . . : No
> >
> > DNS Suffix Search List. . . . . . : SEIRCORP.seir.com
> > lan
> > seir.com
> >
> > Ethernet adapter wireless:
> >
> >
> >
> > Connection-specific DNS Suffix . :
> > Description . . . . . . . . . . . : Linksys LNE100TX(v5) Fast Ethernet
> > Adapter #3
> > Physical Address. . . . . . . . . : 00-0C-41-ED-C7-D4
> >
> > DHCP Enabled. . . . . . . . . . . : Yes
> >
> > Autoconfiguration Enabled . . . . : Yes
> >
> > IP Address. . . . . . . . . . . . : 192.168.0.202
> >
> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> >
> > Default Gateway . . . . . . . . . : 192.168.0.3
> >
> > DHCP Server . . . . . . . . . . . : 192.168.0.3
> >
> > DNS Servers . . . . . . . . . . . : 10.10.1.1
> > Lease Obtained. . . . . . . . . . : Friday, September 24, 2004 8:55:55 AM
> >
> > Lease Expires . . . . . . . . . . : Saturday, September 25, 2004 8:55:55 AM
> >
> >
> > Ethernet adapter outside:
> >
> >
> >
> > Connection-specific DNS Suffix . : lan
> > Description . . . . . . . . . . . : Linksys LNE100TX(v5) Fast Ethernet
> > Adapter #2
> > Physical Address. . . . . . . . . : 00-0C-41-EF-A2-72
> >
> > DHCP Enabled. . . . . . . . . . . : Yes
> >
> > Autoconfiguration Enabled . . . . : Yes
> >
> > IP Address. . . . . . . . . . . . : 192.168.1.101
> >
> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> >
> > Default Gateway . . . . . . . . . : 192.168.1.1
> >
> > DHCP Server . . . . . . . . . . . : 192.168.1.1
> >
> > DNS Servers . . . . . . . . . . . : 192.168.1.1
> > Lease Obtained. . . . . . . . . . : Friday, September 24, 2004 9:21:46 AM
> >
> > Lease Expires . . . . . . . . . . : Saturday, September 25, 2004 9:21:46 AM
> >
> >
> > Ethernet adapter notused:
> >
> >
> >
> > Media State . . . . . . . . . . . : Cable Disconnected
> >
> > Description . . . . . . . . . . . : Intel(R) 82559 Fast Ethernet LAN on
> > Motherboard
> > Physical Address. . . . . . . . . : 00-30-48-10-8D-6A
> >
> >
> > Ethernet adapter Inside:
> >
> >
> >
> > Connection-specific DNS Suffix . :
> > Description . . . . . . . . . . . : Linksys LNE100TX(v5) Fast Ethernet
> > Adapter
> > Physical Address. . . . . . . . . : 00-03-6D-20-25-8C
> >
> > DHCP Enabled. . . . . . . . . . . : No
> >
> > IP Address. . . . . . . . . . . . : 10.10.1.1
> >
> > Subnet Mask . . . . . . . . . . . : 255.0.0.0
> >
> > Default Gateway . . . . . . . . . :
> >
> > DNS Servers . . . . . . . . . . . : 127.0.0.1
> >
>
>
>

Hi Mark.

Glad you got it working and thanks for reporting back. It's the little
details that get in the way of success many times. --- Steve


"mark reg" <(E-Mail Removed)> wrote in message
news:1A575F3B-6207-4BBC-810E-(E-Mail Removed)...
> Steven,
>
> Thank you for your suggestions. I did get the networks up and running.
> Here's what I did.
>
> We do have a field office we will be connecting through VPN. So we did
> want
> to use RRAS.
>
> The problems that needed to be corrected were:
> the one you noticed was the 2 default gateways, both were automatically
> assigned, removing the one from the 'wireless' network resolved the
> Server's
> pinging problems.
> The other was in the KB 291382 you suggested looking at. There was a "."
> entry in the DNS forward look up table that prevented the 'inside' net
> from
> getting 'outside'. Deleting this entry resolved the problem.
>
> We also set the default gateway on the client machines to point to the
> Server. (not the ADSL router)
>
> Our goal was to have three subnets. An 'internal' network that can
> access
> the server and Internet, a 'wireless' network that only accesses the
> server
> and doesn't have access to the 'internal' network and an 'outside' network
> that will allow a VPN with a remote office that only has access to the
> server.
>
> Thank you for your help.
>
> "Steven L Umbach" wrote:
>
>> Your server has three adapters, with three IP addresses, two different
>> dns servers
>> configured, two default gateways, and appears to be a member of a
>> domain. A Windows
>> computer can use only one default gateway at a time. Any others listed
>> can only be
>> used for dead gateway detection. So it may be using the wrong default
>> gateway.
>>
>> Since you have a DSL router already, I would scrap using the server to
>> use rras/NAT
>> [unless you need it for VPN] and simply have all the computers use your
>> DSL router's
>> lan side IP address as their default gateway. If your server is in an AD
>> Domain, you
>> should not use the DHCP on the router and instead use DHCP on an internal
>> server
>> which performs functions other than issuing tcp/ip configuration
>> including
>> registering dns pointer records. Unless you have a reason to have so many
>> adapters,
>> your server will work better with only one network adapter on the lan
>> subnet -
>> particularly if it is a domain controller. DNS configuration is critical
>> in an Active
>> Directory domain as described in the link below for Active Directory dns
>> FAQ. I think
>> if you simplify your networking configuration, things will work
>> etter. --- Steve
>>
>> http://support.microsoft.com/default...en-us%3B291382 --
>> also shows how
>> to configure domain computers for internet DNS name resolution.
>>
>> "mark reg" <mark (E-Mail Removed)> wrote in message
>> news:0FB8D963-92AE-408D-BEB9-(E-Mail Removed)...
>> >I am trying to route our IP on the 'inside' network to the 'outside'
>> >network.
>> > The 'outside' network is connected to a ADSL modem/router which uses
>> > PPPoe
>> > to connect to the internet and to a NIC on a Win2K Server. The
>> > 'inside' in
>> > connected on a 2nd NIC on the same Win2K Server. I can access the
>> > internet
>> > through the 'outside' network on the Server and access the 'inside'
>> > computers
>> > also from the server.
>> >
>> > I used RRA and used the 'Configure and enable RRA' wizard on the
>> > server,
>> > selected the 'Internet connection server' then the Setup a router with
>> > NAT,
>> > then selected 'outside' as the 'Use the slected Internet connection,
>> > then
>> > selected 'inside' as the routing interface to have the shared Internet
>> > access.
>> >
>> > I then tried to ping an internet address on the server. It translated
>> > the
>> > www.xxx.com to an IP address but the got timeouts for the ping of that
>> > IP
>> > address. If I disable RRA it works again.
>> >
>> > I am obviously doing something wrong. Anybody have some ideas?
>> >
>> > The following is the ipconfig/all before enabling RRA. The only
>> > difference
>> > after enable RRA is the IP routing enable is 'yes'
>> > Windows 2000 IP Configuration
>> >
>> >
>> >
>> > Host Name . . . . . . . . . . . . : seir1srv
>> > Primary DNS Suffix . . . . . . . : SEIRCORP.seir.com
>> > Node Type . . . . . . . . . . . . : Broadcast
>> >
>> > IP Routing Enabled. . . . . . . . : No
>> >
>> > WINS Proxy Enabled. . . . . . . . : No
>> >
>> > DNS Suffix Search List. . . . . . : SEIRCORP.seir.com
>> > lan
>> > seir.com
>> >
>> > Ethernet adapter wireless:
>> >
>> >
>> >
>> > Connection-specific DNS Suffix . :
>> > Description . . . . . . . . . . . : Linksys LNE100TX(v5) Fast Ethernet
>> > Adapter #3
>> > Physical Address. . . . . . . . . : 00-0C-41-ED-C7-D4
>> >
>> > DHCP Enabled. . . . . . . . . . . : Yes
>> >
>> > Autoconfiguration Enabled . . . . : Yes
>> >
>> > IP Address. . . . . . . . . . . . : 192.168.0.202
>> >
>> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
>> >
>> > Default Gateway . . . . . . . . . : 192.168.0.3
>> >
>> > DHCP Server . . . . . . . . . . . : 192.168.0.3
>> >
>> > DNS Servers . . . . . . . . . . . : 10.10.1.1
>> > Lease Obtained. . . . . . . . . . : Friday, September 24, 2004 8:55:55
>> > AM
>> >
>> > Lease Expires . . . . . . . . . . : Saturday, September 25, 2004
>> > 8:55:55 AM
>> >
>> >
>> > Ethernet adapter outside:
>> >
>> >
>> >
>> > Connection-specific DNS Suffix . : lan
>> > Description . . . . . . . . . . . : Linksys LNE100TX(v5) Fast Ethernet
>> > Adapter #2
>> > Physical Address. . . . . . . . . : 00-0C-41-EF-A2-72
>> >
>> > DHCP Enabled. . . . . . . . . . . : Yes
>> >
>> > Autoconfiguration Enabled . . . . : Yes
>> >
>> > IP Address. . . . . . . . . . . . : 192.168.1.101
>> >
>> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
>> >
>> > Default Gateway . . . . . . . . . : 192.168.1.1
>> >
>> > DHCP Server . . . . . . . . . . . : 192.168.1.1
>> >
>> > DNS Servers . . . . . . . . . . . : 192.168.1.1
>> > Lease Obtained. . . . . . . . . . : Friday, September 24, 2004 9:21:46
>> > AM
>> >
>> > Lease Expires . . . . . . . . . . : Saturday, September 25, 2004
>> > 9:21:46 AM
>> >
>> >
>> > Ethernet adapter notused:
>> >
>> >
>> >
>> > Media State . . . . . . . . . . . : Cable Disconnected
>> >
>> > Description . . . . . . . . . . . : Intel(R) 82559 Fast Ethernet LAN on
>> > Motherboard
>> > Physical Address. . . . . . . . . : 00-30-48-10-8D-6A
>> >
>> >
>> > Ethernet adapter Inside:
>> >
>> >
>> >
>> > Connection-specific DNS Suffix . :
>> > Description . . . . . . . . . . . : Linksys LNE100TX(v5) Fast Ethernet
>> > Adapter
>> > Physical Address. . . . . . . . . : 00-03-6D-20-25-8C
>> >
>> > DHCP Enabled. . . . . . . . . . . : No
>> >
>> > IP Address. . . . . . . . . . . . : 10.10.1.1
>> >
>> > Subnet Mask . . . . . . . . . . . : 255.0.0.0
>> >
>> > Default Gateway . . . . . . . . . :
>> >
>> > DNS Servers . . . . . . . . . . . : 127.0.0.1
>> >
>>
>>
>>