Trouble configuring Windows Server Enterprise as a NAT router

Discussion in 'Server Setup' started by Zenexer, Apr 13, 2009.

  1. Zenexer

    Zenexer Guest

    I recently upgraded my home server to Windows Server 2008 Enterprise R2 Beta.
    As I was setting it up, I got the bright idea to replace my router with the
    server. So I got to work installing a second NIC, disabling DHCP/DNS on my
    router, etc. All went well--until I tested it. I cannot, for the life of
    me, get NAT to work. I have two NICs in my server: one for LAN, another for
    WAN. The WAN NIC is connected via ethernet to a standard broadband modem and
    works fine; I can successfully access the internet from the server. The LAN
    NIC is connected (also via ethernet) to a wireless and wired router. The
    router was already configured to behave as a standard switch, as I had
    previously used the modem as the DHCP/DNS server (it's one of those
    modem-router combos--can't complain, it was free). DHCP is a go: anything
    that connected wirelessly to the network gets a proper IP, with the server
    marked as the Def.GW and DNS server. Now, here's where the problems
    start--that's the only thing that works. I can ping the server just fine,
    but DNS requests fail (they work locally on the server, which is configured
    to use 127.0.0.1 as the primary DNS server with 4.2.2.1-6 as backup).
    External requests result in a "host unreachable" error. It seems as though
    the switch doesn't understand that it's supposed to forward traffic directed
    outside the subnet to the server (10.10.0.1), even though RIP-2B is enabled
    on both the server and the router. I haven't seen any suspicious log entries
    or such. Windows Firewall is 100% disabled. As far as I can tell, RRAS,
    DHCP, and DNS are all configured properly, though the results seem to speak
    otherwise. I have to admit, networking at the hardware level is not my area
    of expertise; this is a bit different than working with winsock. After
    programming for years, I never thought anything besides a segfault could
    frustrate me on a computer--clearly I was wrong. I don't know how you
    network techies do it. Does anyone have any tips? I've worked with Server
    2003 quite a bit in the past, so feel free to give directions in terms of
    another (similar) OS; I should be able to figure it out.
     
    Zenexer, Apr 13, 2009
    #1

  2. In
    Hello Zenexer,

    Can you ping the router by IP address?
    Switches do not forward IP traffic per se, just per port based on source and
    destination MAC.

    What type of internet line do you have? ADSL, SDSL, FIOS, Cable, T1, etc?

    I understand you are using the old router as a switch only by using its
    internal 4 or 5 port switch ports, so I assume nothing is connected to its
    WAN interface, as it should be in this scenario. But that bids me to
    ask, what is the external NIC of the server connected to?

    As for setting up NAT on 2008, it's a little different, but not by much, in
    2008 than 2003. See if the following articles below help. In addition, keep
    the following in mind:

    1. Remove the 4.2.2.2 and 127.0.0.1 addresses for DNS, and use the actual
    internal interface's IP address for both the internal and external interface.
    2. Make sure that this is not a domain controller, or it will vastly
    complicate things including required registry changes to make sure the DC is
    able to properly only register its internal interface data and not the
    external interface so it can still function as a DC; otherwise expect major
    problems.
    3. In Networking windows, Advanced, Advanced, make sure the inside NIC is at
    the top of the binding order.
    4. In DNS properties, interface tab, make sure it only listens to the
    internal interface IP.
    5. In NIC properties, disable F&P, NetBIOS, and Register This Connection, on
    the outside interface.
    6. Make sure there is only one gateway address set on the external, and not
    the internal interface. This would of course point to the router's IP that
    is connected to the external interface.

    NAT in Windows 2003: Setup and Configuration
    http://www.windowsnetworking.com/articles_tutorials/NAT_Windows_2003_Setup_Configuration.html

    Configuring Windows Server 2003 to act as a NAT router
    http://www.windowsnetworking.com/ar...uring-Windows-Server-2003-act-NAT-router.html


    --
    Ace

    This posting is provided "AS-IS" with no warranties or guarantees and
    confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSA Messaging, MCT
    Microsoft Certified Trainer


    For urgent issues, you may want to contact Microsoft PSS directly. Please
    check http://support.microsoft.com for regional support phone numbers.
     
    Ace Fekay [Microsoft Certified Trainer], Apr 13, 2009
    #2
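
The checklist in the post above can be checked with read-only WMI queries. The following PowerShell is an added example, not part of the original thread; it assumes the internal NIC holds 10.10.0.1 (the address given in the first post) and covers items 1, 2, 5 (NetBIOS and DNS registration only) and 6.

```powershell
# Added example: read-only audit of a dual-homed NAT host (items 1, 2, 5, 6).
# Assumption: the internal NIC holds 10.10.0.1, the address from the first post.
param([string]$InternalIP = '10.10.0.1')

$findings = @()
$nics    = @(Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = True')
$inside  = @($nics | Where-Object { $_.IPAddress -contains $InternalIP })
$outside = @($nics | Where-Object { $_.IPAddress -notcontains $InternalIP })

if ($inside.Count -ne 1) {
    $findings += "Expected one NIC holding $InternalIP, found $($inside.Count)"
}

# Item 2: DomainRole 4 and 5 mean backup and primary domain controller.
if ((Get-WmiObject Win32_ComputerSystem).DomainRole -ge 4) {
    $findings += 'Host is a domain controller'
}

foreach ($nic in $nics) {
    # Item 1: each interface should list only the internal address for DNS.
    $dns   = @($nic.DNSServerSearchOrder | Where-Object { $_ })
    $other = @($dns | Where-Object { $_ -ne $InternalIP })
    if ($dns.Count -eq 0 -or $other.Count -gt 0) {
        $findings += "$($nic.Description): DNS servers are '$($dns -join ', ')'"
    }
}

foreach ($nic in $inside) {
    # Item 6: the internal interface carries no default gateway.
    if (@($nic.DefaultIPGateway | Where-Object { $_ }).Count -gt 0) {
        $findings += "$($nic.Description): internal NIC has a default gateway"
    }
}

foreach ($nic in $outside) {
    # Item 6: exactly one gateway on the external interface.
    if (@($nic.DefaultIPGateway | Where-Object { $_ }).Count -ne 1) {
        $findings += "$($nic.Description): expected one default gateway"
    }
    # Item 5: TcpipNetbiosOptions 2 means NetBIOS over TCP/IP is disabled.
    if ($nic.TcpipNetbiosOptions -ne 2) {
        $findings += "$($nic.Description): NetBIOS over TCP/IP not disabled"
    }
    # Item 5: "Register this connection's addresses in DNS" should be off.
    if ($nic.FullDNSRegistrationEnabled) {
        $findings += "$($nic.Description): DNS registration is enabled"
    }
}

if ($findings.Count -eq 0) { 'All checked items match the checklist.' } else { $findings }
```

Binding order (item 3), the DNS server's listen addresses (item 4) and the File and Printer Sharing binding are not visible through this WMI class and still need to be checked in the GUI.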

  3. Meinolf Weber [MVP-DS], Apr 13, 2009
    #3
  4. No, I wouldn't call that a bright idea at all. You may recall the expression
    about putting lipstick on a pig, no? Especially if you're using AD, but even
    if you're not, avoid this setup. Go back to the router.

     
    Lanwench [MVP - Exchange], Apr 13, 2009
    #4