RRAS VPN Server locks down both Primary LAN and VPN Nics

[Charles Crooks]

Hello,

I've seen this on two different servers. Both had one nic as the primary
for LAN traffic, and the secondary nic was allocated for the VPN traffic.

The primary nic would have an address similar to 192.168.1.5 and the
secondary nic would have 192.168.1.105. (I have set this up before on my
own 2000 Server SP4 and have no problems) I was planning to forward traffic
to .105 via the router from the outside world.

At the clients site, the primary LAN was working fine, but, upon activation
of RRAS, while I was able to connect from a workstation on the local LAN to
IP address 192.168.1.105 and established a tunnel, the LAN side of the
network died as soon as RRAS was enabled. When I tried to ping from the
W2kServer, the response was unable to find resource. Seems like the system
couldn't talk to the nic.

The minute RRAS was disabled, all connectivity was restored.

BTW, Before disabling RRAS, I checked to see if any filters were applied to
the primary port and there were none.

Any ideas?

Charles
MCP

 

[Bill Grant]

RRAS is a router. It should not have two NICs in the same IP subnet.

If you already have an Intenet connection using a router, you only
need one NIC in the RRAS server. If you want to use the RRAS server as the
Internet connection point for your LAN (ie make it the default gateway for
your local LAN), the link between the RRAS router and your existing Internet
router should be in a different IP subnet from the LAN clients.