How to Setup VPN/RRAS w/ Single NIC

[Mike A]

Hello,

Thanks in advance for the help.

Here's the environment.

1 Netopia Router. Setup NAT to point all PPTP traffic to
internal IP address, which is 2000 server that will
handle VPN.

2. 2000 Server to handle VPN is attached to Domain.

3. Server only has 1 network card.

I have successfully tested the VPN Connection via a
server that was not connected to the domain. Works fine.

When I attached the 2000 server to the domain, and
enabled RRAS on that server, I fail to see what I am
missing.

I have looked through the technet step by steps
(vpndeploy.doc) for a sever with a single network
interface and can't seem to get the server to
authenticate.

1. Can you give me a step by step for use with a single
network card. Remember, I was able to get this to work
with a 2000 server not attached to the domain and
defining a NAT on the Netopia to point all PPTP traffic
to the internal server address

2. Do I have to use IAS from the PDC?

Any help appreciated.

-Mike

 

[Bill Grant]

When you connect to a standalone server, you authenticate to its local
SAM database (and use local policies). If the server is a domain member, you
should authenticate to AD.

The dialin properties and remote access policies of AD are applied, and
the RRAS server must be a member of the IAS and RAS servers group of AD.

 

[Mike A.]

Hey Thanks,
Checked what you recommeded. The server seems to be in
the groups...

Is there any issue with having a single NIC?
-Mike

 

[Wajihy [MSFT]]

to configure the VPN server with one NIC, when you are prompted to define
the configuration roll of your VPN server select " custom" and continue;
that will configure the VPN server with one NIC.

for your second question: no, you have 2 options either use the VPN server
with radius auth in this case you will need to install IAS or use VPN with
windows auth in this case you don't need to install IAS


--

This posting is provided "AS IS", with NO warranties and confers NO rights

Upcoming Event: Tech Chat about "Secure Wireless authentication using IAS,
PEAP and EAP"
on September 25th at 10AM PT
http://communities2.microsoft.com/home/chatroom.aspx?siteid=34000081

 

[Mike A.]

Can we go over this please... sorry for being dense.

I have the router forwarding PPTP requests to the server.
I have the server in the "RAS and IAS Servers Properties"
I have the users checked for remote access.

Question 1: Have I touched all the right groups?

Walk me through this...
I got to "Routing and Remote Access"
I "Configure and Enable Routing and Remote Access"
I then have 5 options from the common configuration window.
I can't use the VPN option as it says I must have 2 NICS.

Question 2: What do I do next? Please walk me through it.

Again, thanks in advance.
-Mike

 

[Bill Grant]

At that point, select the remote access option. This will set up the WAN
miniports to allow VPN connections.

Test your server setup by making a VPN connection to your server from a
client on the same LAN (using the server's LAN IP). VPN will work over any
IP connection. This will allow you to debug any problems locally.

When this works, try connecting from a remote location using the
router's public IP. If you have forwarded PPTP from the router to the
server's LAN IP, you should be able to make a VPN connection from there,
just as you can locally.