How do I make my Server 2008 (or R2) a router?

I met a partner yesterday that said he tried to move his Domain Controller from Windows Server 2003 to Windows Server 2008 and was having problems.  As we talked, it became clear that he was also using this server as a router for his office.  He said that once he replaced his 2003 server with 2008, his users could no longer access the Internet.  He told me he that he has two NICs in this server; one connected to his office network and users, the second NIC is connected to the WAN.  He told me that he did have his DC behind a firewall, but was struggling with getting his users connected to the Internet again.  We talked about configuring RRAS.  It sounded like he needed to setup RRAS to get his users access again, so I dug up the RRAS content for Server 2008 and R2. 

Here’s the best link I found, it’s a great starting point to understanding how to set it up.

http://technet.microsoft.com/en-us/library/cc754634(WS.10).aspx

Here’s the step-by-step guide that can walk your through setting up RRAS in your lab.

http://www.microsoft.com/downloads/details.aspx?FamilyID=7E973087-3D2D-4CAC-ABDF-CC7BDE298847&displaylang=en

I’ve used RRAS on and off for years in my testing.  For me, I don’t have a dedicated router, so anytime a need a router in my testing, up pops an RRAS server.  Isn’t Hyper-V just awesome??

As an FYI, RRAS is a role that has to be enabled in Server 2008 (and R2).  The thing I couldn’t remember yesterday was that RRAS is included under the Network Policy and Access Services role.  Here is a link that talks specifically about enabling the RRAS role:

http://technet.microsoft.com/en-us/library/dd469845.aspx

Please let me know your thoughts on setting up RRAS.  Has it worked for you?

Until next time!

Rob

Published Friday, October 23, 2009 10:23 AM by rwagg
Filed under: , , ,

Comments

Friday, October 23, 2009 10:52 PM by How do I make my Server 2008 (or R2) a router? – Rob's Ragg???. Tech … | Windows (7) Affinity

# How do I make my Server 2008 (or R2) a router? – Rob's Ragg???. Tech … | Windows (7) Affinity

Pingback from  How do I make my Server 2008 (or R2) a router? – Rob's Ragg???. Tech … | Windows (7) Affinity

Saturday, October 24, 2009 11:46 AM by Jay R O

# re: How do I make my Server 2008 (or R2) a router?

I have been using RRAS as a router (and port filter) since NT 4.0, with great success.  I have only a couple customers on 2008 server, RRAS still works great as a NAT and subnet router.  Except, of course, in SBS 2008 where Microsoft has unfortunately decided we are not to use RRAS as a NAT router.  (See: ts2community.com/.../multiple-nic-support-in-sbs-2008.aspx)

Wednesday, December 09, 2009 10:46 PM by Chris Curatolo

# re: How do I make my Server 2008 (or R2) a router?

I am limited in my lab environment. I am confgiuring a Test Citrix Essentials for hyper-v Lab environment on my 2008 R2 Server. I also have RRAS (NAT only) configured on my host.

All of my vms in SCVMM r2 point to the NIC that was created on the hyper-v host for its gateway. My vms are all able to utilize external resources, and my host is able to communicate to all internal resources, but what I cannot seem to nail down is how to have external resources outside of my R2 host to communicate with the internal resources on my hyper-v internal network.

I cannot figure out how to enable routing to my 192 network and still keep it fenced so I can have resources like WINS and DHCP running with out impacting my corporate network, any assitance would be greatly appreciated.

thank you,

Chris Curatolo

Citrix Engineer

Wednesday, December 09, 2009 11:53 PM by rwagg

# re: How do I make my Server 2008 (or R2) a router?

Chris,

I'd like to understand more details about what you are doing here, but it sounds like you have all of your internal VMs on the 192 network and you are using your host as a router so these VMs can communicate on your corporate network.  The problem with the trying to access your VMs from your corporate network can be an issue.  I don't know exactly what's going on, I'd like more detail, but your external computers trying to access your VMs need some way to find them.  Your corporate DNS server does not know about these VMs so external machines cannot resolve the VMs by name.  Also since the 192 subnet is not really "routable", you can't ping a 192 network from your corporate network since your routers don't know where they are located.  

Your situation does not surprise me since your host is not only acting as a router, but a NAT gateway as well.

Drop me a note and let's see if we can brain storm about this.  My email address is rwagg  AT Microsoft    

Leave a Comment

(required) 
(required) 
(optional)
(required)