Window 2003 RRAS routing question...
agustinchernitsky
Member Posts: 299
in Off-Topic
Hello All!
I have one question... I have a RRAS server on a DMZ, with two NICs: one for the internet connected to a DMZ port and another for the internal LAN connected to a separated VLAN. The router connects to other 2 routers, in different offices thru VPN.
The diagram is something like this:
The RRAS server is connected to a public IP in R1 office DMZ. The 3 offices networks are:
192.168.0.0 /24
192.168.1.0 /24
192.168.2.0 /24
The RRAS server is connected to a separate VLAN with network 192.168.3.0 /24 which routes thru the R1 to all the company network and assigns DHCP.
Problem: Users should use their ISPs to access the internet when using VPN and not access the internet thru the company when they are connected to the VPN.
If I disable the opt "user remote network default gw", I can access the internet but not other networks besides 192.168.3.0 (DHCP assigned by RRAS).
If I enable this opt, I access all the enterprise networks (I can ping all networks).
The RRAS server can ping all networks (since I added all the required static routes).
Question: Is there a way to add static routes to the VPN clients?? Has anyone worked in this scenario before?
Any ideas?
I have one question... I have a RRAS server on a DMZ, with two NICs: one for the internet connected to a DMZ port and another for the internal LAN connected to a separated VLAN. The router connects to other 2 routers, in different offices thru VPN.
The diagram is something like this:
[R1] --- [RRAS] --- Internet | |----------| | | [R3] --- [R2]
The RRAS server is connected to a public IP in R1 office DMZ. The 3 offices networks are:
192.168.0.0 /24
192.168.1.0 /24
192.168.2.0 /24
The RRAS server is connected to a separate VLAN with network 192.168.3.0 /24 which routes thru the R1 to all the company network and assigns DHCP.
Problem: Users should use their ISPs to access the internet when using VPN and not access the internet thru the company when they are connected to the VPN.
If I disable the opt "user remote network default gw", I can access the internet but not other networks besides 192.168.3.0 (DHCP assigned by RRAS).
If I enable this opt, I access all the enterprise networks (I can ping all networks).
The RRAS server can ping all networks (since I added all the required static routes).
Question: Is there a way to add static routes to the VPN clients?? Has anyone worked in this scenario before?
Any ideas?