Seeking Help with Routing

sschmidlapsschmidlap Member Posts: 45 ■■□□□□□□□□
Physical PC called ROOM hosts a virtual domain called techlabs2000.local
The virtual machines are on the 172.16.1.0/24 network.
A VM called 2000RRAS has 2 nics installed. One nic is 172.16.1.1 and the other nic is 192.168.0.20

Physical PC called BEDROOM hosts a a virtual domain called techlabs2003.local
The virtual machines are on the 172.16.0.0/24 network.
A VM called 2003RRAS has 2 nics installed. One nic is 172.16.0.1 and the other nic is 192.168.0.10

I am trying to set up an environment to simulate, say, a main and branch office. It seems there should be a way that machines in the 172.16.0.0/24 and 172.16.1.0/24 should be able to communicate via routing. Is this possible?

I am using Virtual PC for all machines. All NICs are local only except for the 192 nics which use the physical nic of the respective computer.

The 2 physical PCs connect to a wireless router. The external or "real" network between the 2 PCs is 192.168.0.0/24

I hope you can help. I am getting really frustrated because although I have been passing some exams I obviously don't know how to implement certain things in the real world. It's one thing to pick the right answer out of four, but another to be able to PERFORM the answer. Will be waiting for some feedback. In the meantime, I am going down to the school tomorrow to ask an instructor about this. Thank you

Comments

  • sschmidlapsschmidlap Member Posts: 45 ■■□□□□□□□□
    I didn't have time to wait for the instructor at school today. Had to take a practice exam, print my next labs then go to work.

    1) I have two seperate private networks. 172.16.0.0/24 and 172.16.1.0/24 I can and have established VPN connections for individual clients from both networks. That's easy. But is it possible to set up RRAS on each 2003 machine so that users in one network can ping machines in the other?

    It's become apparent to me I don't understand routing at all. This is my one troubling and major weak spot. I'm trying to understand how private addressing schemes can be routed/connected between sites like I see in so many network diagrams.

    Can I set up simple, static routes to route 172.16.1.0 traffic to the Internet adapter on that network? Will that router then send the traffic to a particular client on that network? Is this even possible? I thought private addresses were not routable. The more I read and try to study the more confused I become. Please help.
  • PsoasmanPsoasman Member Posts: 2,687 ■■■■■■■■■□
    I am primarily using techskills for my certs. Have you done the 291 course? It has a RRAS lab, that you could duplicate.
    That lab has you use a DC, member server - which is your RRAS server, and some clients.
  • sschmidlapsschmidlap Member Posts: 45 ■■□□□□□□□□
    Ok so I enabled LAN routing only on both RRAS machines. Added static routes to each network and could access machines in both networks no problem except that now all machines in each network except RRAS can't access the Internet.

    I was originally using NAT on each network to provice Internet access, but when I enable NAT and LAN routing clients from one network can't get to clients in the other (because of NAT, I am sure). So is it possible for both networks to have access to the Internet and each other? The default route for Internet access doesn't work because I can't route private addresses on the Internet. It seems in this configuration I MUST use NAT for clients to access the Internet. But that prevents clients from one private network from reaching the other private network. Any thoughts?
  • kalebkspkalebksp Member Posts: 1,033 ■■■■■□□□□□
    I'm not up on RRAS, but to make the routing work you would have to create default routes from your two RRAS servers to the IP of your internet router, then create static routes for the appropriate networks pointing back to your RRAS servers. This is assuming you can create static routes on your internet router.

    One thing to keep in mind is that most network traffic is bi-directional. So you can't just look at how it's going to get out, but how it's going to get back too.
  • sschmidlapsschmidlap Member Posts: 45 ■■□□□□□□□□
    First, I cannot add routes of any kind to my Internet router. But I just knew this could be accomplished somehow. I finally tried the RRAS combo of secure connection between 2 private networks and NAT. I set up a persistent VPN connection between each private network using a user account from each domain for dial in / dial out credentials on the RRAS routing machines. By doing so I essentially added a new virtual interface to each machine that is used specifically to connect to the other private network. Those interfaces are seperate from the Internet interface on each RRAS machine. This probably doesn't make any sense, I am just glad I finally did it. I really wanted to figure this out on my own.

    By the way Psoman (spelling?) I am going to TechSkills, too. I actually passed the 291 exam back in June and am working on 293 but this shows me how much practice and hands-on I really need. I just have to keep coming up with different scenarios. I find the labs somewhat lacking when it comes to routing and remote access. I am trying to implement what I read in questions as much as possible because that's alot tougher than being able to pick the right answer out of 4. I think the exams are MUCH easier than the real world. I am finding that just because I passed an exam doesn't mean I really can do or know much of anything.

    Thanks for the feedback guys.icon_cheers.gif
  • PsoasmanPsoasman Member Posts: 2,687 ■■■■■■■■■□
    I know Techskills says they are single-source certification. They are good on most things, but I have noticed that they recycle A LOT of their material. for example, the techlab for CAs is the same for 293, 298, and 299. I would use as many sources as possible.
    The test prep is right on for getting the exam format familiarized.
    Good Luck on the exam!
  • ian gian g Member Posts: 29 ■■□□□□□□□□
    I remember tearing my hair out trying to get RRAS working on a VM when I was doing my 70-291 labs. I know my routing pretty well, and I never did get it to work. I'm sure there is an isue with RRAS on a virtual network. Are you using a full hypervisor, or a host based solution? A bare metal hypervisor would probably yield better results. You can download VMware's ESXi server for free.
    Dig around in the 70-291 forum, and I'm sure you'll see this subject visited a few times.
Sign In or Register to comment.