0

We have a Windows Server 2008 R2 box. It has one NIC, with the address 192.168.0.2. We set up RRAS, enabled VPN protocols, and told it to use a static address pool, 192.168.0.224-239. On our router, we set up a public IP to be forwarded to .224. This used to work, but now after the first reboot it doesn't. I think the cause of the problem is that the PPP adapter is missing. I've read somewhere else that the PPP adapter is not created until a user connects. But where are they supposed to connect to if it's not there? Nothing assumes the .224 IP currently, no replies from there at all. Sadly I don't remember how the PPP adapter was created when it did work.

I'm guessing now that we did it all wrong, and the clients are not supposed to connect to the PPP adapter at .224, but a preexisting, physical adapter, like at .2. So the questions are: Is my guess right? If it's not, then how do I create the PPP adapter? If it is, then why did it work before, does the server accept connections from the .2 IP and the PPP adapter's .224 IP at the same time?

So if I need a fixed, dedicated IP for the VPN, let's say I want it to be .3. The HTTPS port on the .2 IP is used by a web server, and I need SSTP, which uses the same port. I know I can assign multiple IP addresses to an adapter, but I can't find a way to assign a single IP to VPN, only an entire adapter, so I'm guessing that it would listen on all IP's of the adapter, not only .3 but .2, too. Am I forced to buy a new NIC, or can I create a new adapter for the same physical NIC, like an alias or something, so that I can use the .2 IP on the real adapter, the .3 IP on the virtual one, and assign only the virtual adapter to RRAS?

fejesjoco
  • 89
  • 3
  • 14

1 Answers1

1

What PPP adapter are you referring to? I've never seen one related to RRAS. Are you referring to the PPTP ports available in the RRAS configuration for incoming client connections?

In any event, RRAS needs to be bound to a physical adapter. If you have only a single NIC you can still enable and configure RRAS by selecting the custom option when configuring RRAS. You can assign another ip address to the NIC and use this ip address as the end point for VPN clients (after NAT'ing is done in your firewall).

I've set up RRAS on W2K3 and W2K8 many times with a single NIC and I've never seen a PPP adapter like you're describing.

joeqwerty
  • 109,901
  • 6
  • 81
  • 172
  • This is a screenshot of such a PPP adapter: http://filedb.experts-exchange.com/incoming/2009/05_w18/t134823/ipconfig.jpg – fejesjoco May 12 '11 at 18:13
  • If there's only one adapter, and it has two IP's, how do I tell RRAS which IP to use? Like I said, I only found the option to assign an adapter, not an IP. – fejesjoco May 12 '11 at 18:14
  • OK, Gotcha. Yes, that adapter is created when a VPN client is connected. Is that screen shot from another server because the ip addresses don't match those in your question? At any rate, I don't believe you can bind RRAS to a specific ip address, only to a specific NIC. If you configure an additional ip address on the NIC and then forward VPN traffic to that ip address then the server will only establish VPN connections on that ip address. – joeqwerty May 12 '11 at 18:46
  • I just found the screenshot somewhere, not mine. What I'm afraid of is that RRAS will 'steal' the HTTPS port from the web server when they both use the same adapter with 2 IP's. I can tell the webserver to use only one IP, but not RRAS. – fejesjoco May 12 '11 at 18:53
  • Apparently, Windows 7 can create a second, virtual connection for a WiFi network card. But I found no way to do this with a wired one. That would solve my problem, otherwise I'll need to by a new physical one. – fejesjoco May 12 '11 at 19:30