Server2008R2 with NAT routing .. doesn't route
jibbajabba
Member Posts: 4,317 ■■■■■■■■□□
in Off-Topic
I have done this so many times, I am not sure what I am missing here now ...
This scenario has two stations so far
1. Server
2. Client
Server got two NICs,
1. 85.232.38.162 /28
2. 192.168.0.162 / 24
Client one
1. 192.168.0.170 - using .162 as a gateway
On the RRAS server (.162) I am now adding the role - NAT and VPN, here you can see how
Now I rebooted the box and the sorts, but the client just cannot route out to the internet - it can ping both IPs of the server, just not the gateway - could someone point me into the right direction by any chance ?
This scenario has two stations so far
1. Server
2. Client
Server got two NICs,
1. 85.232.38.162 /28
2. 192.168.0.162 / 24
Client one
1. 192.168.0.170 - using .162 as a gateway
On the RRAS server (.162) I am now adding the role - NAT and VPN, here you can see how
Now I rebooted the box and the sorts, but the client just cannot route out to the internet - it can ping both IPs of the server, just not the gateway - could someone point me into the right direction by any chance ?
My own knowledge base made public: http://open902.com 
Comments
-
Everyone
Member Posts: 1,661
Looks like you're running it inside a VM (just going off the "vmxnet 3" in the interface list), did you double check the network settings on the host?
You didn't say if the RRAS server can route to the internet, just that the client can. I'm guessing you probably already tried, but can you connect to the internet from the server?
Also you said the client can ping both IPs but not the gateway... Isn't one of the IPs the gateway?
It shouldn't be able to ping the external IP, so that doesn't make much sense. Is the client a VM too? If so, is it configured to use the right virtual network on the host? -
jibbajabba
Member Posts: 4,317 ■■■■■■■■□□
Looks like you're running it inside a VM (just going off the "vmxnet 3" in the interface list), did you double check the network settings on the host?
You didn't say if the RRAS server can route to the internet, just that the client can. I'm guessing you probably already tried, but can you connect to the internet from the server?
Also you said the client can ping both IPs but not the gateway... Isn't one of the IPs the gateway? It shouldn't be able to ping the external IP, so that doesn't make much sense. Is the client a VM too? If so, is it configured to use the right virtual network on the host?
Actually no after I changed "Local LAN Routing" only (instead of default which is dialup and local LAN) I am not getting any ping at all.
As for the setup - yes, those are VMs.
I have two vSwitches - one with uplinks to the physical network (WAN side of the 2008 box / router) - one without uplinks, which is used for the LAN side .. so the router VM has two NICs, one for the public network, and one for the internal vSwitch and the client has only one vnic which is connected to the same "no uplink" vswitch the router VM is connected to ..
Does that make sense ?!?
Can post screenshots if it helps ..My own knowledge base made public: http://open902.com -
Everyone
Member Posts: 1,661
Yeah screenshot may help... So the server can't connect to the internet either? Do you have other VMs on the same vSwitch with the WAN connection that are able to connect to the internet?
Just to make sure I understand... The LAN side vSwitch is not associated with any physical NIC on the host?
I know I've mixed up what NIC is connected to what vSwitch on a VM before, you're sure you have the IPs assigned to the right NICs? -
jibbajabba
Member Posts: 4,317 ■■■■■■■■□□
Oh, forgot to answer that earlier - the server has internet just fine - its just the client who can't route through the server to the internet so the nic order is fine .
Here in this example DC is the server (not a DC yet) and the client is mail - nothing else installed on either - simply wanted to get the routing working first
My own knowledge base made public: http://open902.com -
Everyone
Member Posts: 1,661
192.168.0.1 is set as the gateway on the client?
vSwitch1 is configured to use 192.168.0.162 as its gateway? -
jibbajabba
Member Posts: 4,317 ■■■■■■■■□□
192.168.0.1 is set as the gateway on the client?
vSwitch1 is configured to use 192.168.0.162 as its gateway?
Nope, client has 192.168.0.162 as gateway (LAN IP of server) - 192.168.0.1 has no gateway set - don't actually use it and intend to remove the vmkernel anyway ..My own knowledge base made public: http://open902.com -
Everyone
Member Posts: 1,661
jibbajabba wrote: »Nope, client has 192.168.0.162 as gateway (LAN IP of server) - 192.168.0.1 has no gateway set - don't actually use it and intend to remove the vmkernel anyway ..
The NIC on the server with 192.168.0.162 has NO gateway configured right? -
jibbajabba
Member Posts: 4,317 ■■■■■■■■□□
The NIC on the server with 192.168.0.162 has NO gateway configured right?
correct. Server has only a gateway on the WAN side, no Gateway on the LAN side, but client is using the IP of the LAN side of the server as a gateway ..My own knowledge base made public: http://open902.com -
jibbajabba
Member Posts: 4,317 ■■■■■■■■□□
Apart from the troubleshooting page, yea - seen 'em all.
including
How to configure Windows 2008 Server IP Routing
Using Windows Server as a NAT Router
and
Windows Server 2008 as a LAN Router Running RIPMy own knowledge base made public: http://open902.com -
jibbajabba
Member Posts: 4,317 ■■■■■■■■□□
Right, given up .. every single KB, article and forum post pretty much reflects what I have done here and it SHOULD work and no one seems to have experience in using RRAS as router so I am pretty much out of ideas / help.
Downloaded / Installed ClearOS - worked within 5 minutes .. Moving on My own knowledge base made public: http://open902.com
