Reminder:This is the setup for our network. If yours is the same, or very similiar, this setup should work.
Conventions: This assumes you know how to get into the MMC consoles for RRAS etc. We will name an entry in the left hand pane and give you instructions eg: Right click on "Server" Click on "Properties " "General Tab" Check "Enable Updates every "10" minutes. If value is not mentioned...It means we have left it at the default value.
1.On the machine you wish to install the RRAS/NAT server on, Open the Routing and Remote Access MMC Console. (Start > Programs > Administrative Tools> Routing and Remote Access)
2. In the left hand pane, right click on "Routing and Remote Access" Select "Add New Server"
3. Select "This Computer" , click "OK"
4. The new server will now be showing in the left hand pane. Right click on the new server (in our network new server hostname is "Netgate") Select "Enable and Configure Routing and Remote Access"
5. The RRAS Configure will open. Click on "Next". Select "Manually Configured Server" Click on "Next". Click on "Finish"
6. A screen will open informing you the server has been configured and asking if you wish to start the service. Click "Yes".
7. Double click on the new RRAS Server in the left pane (Netgate). You will see the following in the right pane. Routing Interfaces, Remote Access Clients, Ports, IP Routing, Remote Access Policies, Remote Access Logging.
8. Double Click on "Routing Interfaces" You will see the following in the Right Hand Pane. Loopback, Local Area Connection, Internal.
9. In the left hand panel, Right Click on "Routing Interfaces" Select "New Demand Dial Interface".
10. The Demand Dial Interface Wizard will open. Click "Next". Choose a name for the demand dial interface, and enter it. Click "Next". Check "Connect using a Modem, ISDN adaptor or other physical device. Click "Next". Check "Route IP packets on this interface" Click "Next". Fill in the boxes for "Username" "Password" and "Confirm Password" These should be the Username and Password you use to log on to your ISP" Leave the field for "Domain Name" blank.
11. Go to left hand pane and right click on "Ports". Select "Properties" Highlite the modem you wish to use with the Demand Dial inteface you created above. Click on "Configure". Check "Demand Dial routing connections" Uncheck "Remote access connections" if it is checked. Enter Phone Number for modem line. Click "Ok" Click "Apply" Click "Ok".
12. In the left hand pane, right click on "General" and select "New Routing Protocol" Select DHCP Client Click "OK" ...Do the same again and Select "Network Address Translation (NAT)" Click "OK".
13. In the left hand pane under "IP Routing" you should now have "General, Static Routes, DHCP Relay Agent, and Network Address Translation"
14. Right click on "DHCP Rely Client" and select "Properties". Enter the IP address for your DHCP Server (192.168.001.010) Click "Add" Click "Apply" Click "OK"
15. Right click on "Static Routes" select "New static route" Select the demand dial interface you created above from the dropdown list under "Interface:" Under "Destination" and "Network Mask" enter 000.000.000.000 Click "OK" In the left hand pane, left click on "Static Routes" in the right hand pane Right click on the static route you just created, select Properties, and make sure the box for "Use this route to initiate demand dial connections" is checked. Then click "OK"
16. In the left pane, right click on "Network Address Translation" and Select "New Interface". Select the demand-dial interface you created above. Check "Public Interface connected to the Internet" Check "Translate TCP/UDP headers" Click "apply" Click "OK" Repeat to add "Local Area Interface" Check "Private Interface" and then "apply" and "OK"
17. Now it is time to check all the property settings to make sure we did not miss anything. We are going to go down the right hand pane and check each setting.
A. Right click the RRAS server (netgate) and select "Properties" You should have the following properties:
General Tab: Enable this computer as a "Router" "LAN and demand dial routing"
IP Tab: "Enable IP Routing" "Allow IP based remote access and demand dial connections" This server can assign IP addresses using "DHCP"
B. Click "Routing Interfaces" then right click your demand dial interface and select "Properties"
General Tab: Check for the proper number to dial your ISP
Options Tab: Demand dial or persistent connection per your requirements.
Networking Tab: Under "Components used by this connection" TCP/IP should be checked. Highlite TCP/IP and click "Properties" Make sure the correct values for IP address and DNS server address are checked. If your ISP does not assign IP address for DNS servers via DHCP (Obtain DNS Server Address Automaticaly) You must enter the IP address provided by your ISP This error is a leading cause of being unable to resolve hostnames thru a RRAS/NAT server. If you can connect to a site using its IP address, and not using its Hostname. Check this setting first.
C. Right click "Ports" and select "Properties" Select the modem you are using for your demand-dial interface and click "Configure". Make sure the box "Demand Dial Routing Connections (Incoming and Outgoing) " is checked. Make sure you enter the number of the phone line this modem uses in the box provided.
D. Click "IP Routing">"General" and Right Click the demand dial interface. Select "Properties" Under the General Tab, make sure the "Enable IP Router Manager" box is checked.
E. We have already set the Properties for "Static Routes" , "DHCP Relay Agent", and "NAT" in items 14, 15, and 16 above. If you want to double check, it wouldn't hurt.
Thaat's Aaal Folks!
You should now be able to access the net from all computers on your local network. If you are not using a persistant connection, when you request an address (eg: yahoo.com) from your local network workstation, the RRAS server should dial out automaticaly. Depending on how fast you can establish a connection, you may have to change the "timeout" setting on IE to avoid getting a "Website unavailable" message. If you do get an error msg you should be able to reload the page once the connection is established.