Using NAT for my LAN to connect to another LAN with VPN

Discussion in 'Server Networking' started by Raetselmeister, Mar 30, 2005.

  1. I want to connect a LAN with VPN Routing and RAS Server and I will use NAT
    for my local Network. The LAN i want to reach has a Windows XP Pro PC to
    connect to the Internet with incomming VPN Connection defined; so i can
    connect to this LAN with a Windows VPN dial-in. Connecting with one station
    is no problem because i had an IP from the Remote PC and can ping each PC in
    the remote network. No i want to connect the Remote-LAN with my Routing and
    RAS Server. Here i want to use NAT for my local LAN because the re-routing of
    my IP Pakets needs no routing configuration in the Remote-LAN. But i could
    only select NAT for Internet Connection of my Routing and RAS Server and not
    for a Remote-LAN connection. Could anyone help me.
    Thanks, Wolfgang
     
    Raetselmeister, Mar 30, 2005
    #1
    1. Advertisements

  2. Phillip Windell, Mar 30, 2005
    #2
    1. Advertisements

  3. Thank you for the answer.
    My problem i have is a routing problem at the remote LAN.
    my own LAN for example is 192.168.1.0/24 remote LAN is 192.168.20.0.
    when i dial in to the win XP in the remote LAN my RAS Server get the IP
    192.168.21.5 from the WIN XP Remote PC.
    the Win XP uses default gateway to the internet, has a local IP 192.168.20.1
    and a dial in IP Network with IP 192.168.21.1.
    The Dial in Win XP could route pakets to the IP 192.168.21.5 because he is
    in the same network.
    but when i dial in with a RAS Server and want to route my pakets from my
    192.168.1.0 LAN and this LAN he dosn't know. And i could not define a static
    route in Win XP to the Dial In Network IP.
    So I want to use NAT for my LAN that all pakets are masquerated behind the
    192.168.21.5 IP and I need no routing at the Win XP Dial In PC.
    Thank You.
    Wolfgang

     
    Raetselmeister, Mar 31, 2005
    #3
  4. Raetselmeister

    Bill Grant Guest

    Why is the dialup server issuing IP addresses in a different IP subnet?
    The normal practice in a simple setup like this is to use "on subnet" IP
    addresses. The software then gives you access to the local LAN using proxy
    ARP.

    If you use a different subnet, you need to provide additional routing on
    your LAN to route traffic for the "remote" subnet through the XP (and you
    need to enable IP routing on the XP).

     
    Bill Grant, Mar 31, 2005
    #4
  5. We need to not over complicate things. You either need a Site-to-Site VPN or
    a Remote Access VPN. We can't play "mix and match" with it. I suspect you
    need a Site-to-Site VPN which does not involve any XP machine dialing into
    anything.

    --

    Phillip Windell [MCP, MVP, CCNA]
    www.wandtv.com

     
    Phillip Windell, Mar 31, 2005
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.