How to configure Windows 2003 as a Router ?

I am new to networking and would like to seek your advice.

We would like to configure a Windows 2003 Server as a router between 2
subnets.

There are already 2 NICs and each of them is assigned IP address of
different subnets.

We would like to know is it necessary for us to install any service (like
RRAS) to achieve our need ? Besides, does it mean that the default gateway
for those workstations connected to that Windows 2003 Server will use its IP
address as default gateway ?

Thank you for your help.

Peter

 

You'll need to configure RRAS. Simply select it from the Admin Tools menu
and use the help to get it working.

Assuming a simple network with the only way out of the network being via the
WS03 box, then you will need to set the default gateway for the workstations
to be the network interface of the server. Keep in mind that devices on the
other side of the server that is acting as the router need to have a static
route for the workstation subnet that goes back through the WS03 RRAS server
in order for return traffic to come back to the workstation.

I hope this is clear.

Cheers,
Jeremy.

 

It is possible to allow IP routing without using RRAS, but it is pretty
pointless. Simply configure RRAS to be a LAN router from the wizard and it
will do it for you.

As Jeremy pointed out, all this does is configure the machine so that it
can forward traffic from one subnet to the other. Whether it routes or not
depends on how the two subnets are configured.

If all you want to do is link these two subnets, the routing is trivial.
You simply make the RRAS router the default gateway for both subnets. eg

192.168.1.x dg 192.168.1.1
|
192.168.1.1 dg blank
RRAS
192.168.2.1 dg blank
|
192.168.2.x dg 192.168.2.1

Any traffic which is not local (ie not in the same IP subnet) is sent to
the router. The router can deliver it in the other subnet because it has an
interface in that subnet (ie the target machine is local to the router).

Usually the setup is not as simple as that. One subnet is usually using
some other router, such as an ADSL Internet device as its default gateway.
Simply enabling IP routing doesn't do much because the trafffic never gets
to the RRAS router. You need extra routing to get the traffic to the correct
router. If you are in that situation and can't see what extra routing you
need, post a description of how your network is set up.

PS. I hope this server is not a DC. Using a DC as a router is not recomended
and it may cause you all sorts of odd problems.

 

Dear Bill,

Thank you for your advice.

The reason why we consider this option is because our Network Officer says
that by using a Windows 2003 Server as a router for connecting machines in
headquarter to a remote site.

I just wonder whether it is a good idea as the single point of failure will
be the Windows 2003 Server and the 2 NIC.

Regards,
Peter

 

Whatever device you use as a router, it is going to be a single point of
failure unless you have a very complicated routing setup with multiple
paths.

How are you planning to connect HQ to a remote site? Leased lines or
VPN?

 

It is planned to use leased line.

Peter

 

OK. As I said in a previous post, the important thing about routing is
getting the traffic to the correct router. If this RRAS router is an
additional router in a subnet which currently uses some other device as the
default gateway (ie default router) the traffic for the other site may never
get to the RRAS router unless you add extra routing to the LAN. It only
works automatically if there is only one gateway and it is set as the
default.

 

Dear Bill,

There is default gateway in headquarter and remote site. However, the
network guy says that in order to get both sites get connected with the new
lease line, he has to remove the default gateway at remote site and make use
of the Windows 2003 Server as router here.

In this way, I believe that machines in remote site will regard the Windows
2003 Server as default gateway while machines here will continue to use the
existing default gateway (CISCO Router).

Is there any adjustment has to be done ?

Regards,
Peter

 

It doesn't matter what router is used for the Default Gateway as long as the
router that is used "knows" how to get to everything else. So the network guys
are "partially" correct, but they may have too narrow of a view of it.

The Default Gateway of the hosts on any particular subnet should be the router
that has the most "knowledge" about the rest of the LAN/WAN. That "knowledge"
may or may not be accomplished by Dynamic Routing Protocols between the routers.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft, or
anyone else associated with me, including my cats.
-----------------------------------------------------

 

Sure, You can setup the server as router. This how to may help.

How to setup VPNIf your VPN client cannot find servers or cannot ping
computernmae, you may need to add DNS and WINS into your VPN server. For
example, to add DNS and WINS ...
www.howtonetworking.com/Windows/vpnsetup.htm


--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com

 

You can certainly use Windows Server as a LAN router between two LAN
segments, and these two segments can be of different types. The server
network will run at IGb and the other at 100Mb.

Just installing RRAS and enabling LAN routing will probably not get
routing working. It only works automatically if the router is the default
gateway for both networks. If one network is connected to the Internet and
all machines use the Internet router as the default gateway, no traffic will
ever go to the internal router.

There are a couple of options. If the LAN machines need to initiate
connections to the servers (but not vice versa) you can use NAT. If you need
full interaction (ie the servers can initiate connections to the other
machines) you use standard LAN routing plus static routes. eg

NAT setup

Internet
|
gateway router
10.1.1.254
|
servers
10.1.1.x dg 10.1.1.254
|
10.1.1.250 dg 10.1.1.254
RRAS/NAT
192.168.31.254 dg blank
|
LAN machines
192.168.31.x dg 192.168.31.x


Fully routed setup

Internet
|
gateway router {static route 192.168.31.0 255.255.255.0 10.1.1.250}
10.1.1.254
|
servers
10.1.1.x dg 10.1.1.254
|
10.1.1.250 dg 10.1.1.254
RRAS
192.168.31.254 dg blank
|
LAN machines
192.168.31.x dg 192.168.31.254

The NAT method works because all traffic from the inner subnet is using
the NAT router's 10.1.1 address in the outer subnet (because of address
translation in NAT).

In the second case the traffic from the inner subnet is using the
192.168. IP address, so the gateway router must know how to reach the inner
subnet (via the NAT router).

 

Hi,
i dont see the clear advantage if all traffic passes the wire to / and from
the router to the switch.

first you should know how the serverfarm itself operates ? especially do
they communicate with each other ?

jk