Server Fault is a question and answer site for system and network administrators. It only takes a minute to sign up.
Sign up to join this community
Windows Server 2012, two NICs, only rras role installed.
PC2 can PING anything at 192.168.2.xx by IP, but not by name.
PC2 in Network Neighborhood has only itself and mserver, but can access anything at \\192.168.2.xx (by IP, but not by name).
PC2 has Internet.
PC1 cannot see, nor PING anything beyond NIC1.
I'm kind of stuck trying to figure out why routing doesn't work proper for local traffic between the two LANs while internet routing works fine.
You're most likely missing routes for the 10.0.0.0/8 network on the gateway 192.168.2.1.
You see, when packets from PC1 try to reach PC2, first PC1 checks:
So, by all rights this setup shouldn't work at all, without a route for 10.0.0.0/8 setup in the 192.168.2.1 router, because even requests to the internet shouldn't be able to find a way back.
The reason this is working at all is because you've set up RRAS to do NAT of the traffic from your 10.0.0.0/8 network. Any outbound traffic from PC2 will have its address translated, first by MSERVER, so that its source IP on the 192.168.2.0/24 LAN will be 192.168.2.101.
So in this scenario, when PC2 sends out a ping, PC1 will see it as coming from 192.168.2.101 and will know to send the response there as well.
In this scenario, you add a route for 10.0.0.0/8 via 192.168.2.101 on your 192.168.2.1 router, and then disable NAT in RRAS.
Network browsing will still probably not work since it will only work within one broadcast domain unless special measures are taken. Hostnames will also require a specific setup to work properly.
Most of the posts, tutorials and how-to’s around the internet, guide you through installation of router role on win2012, but, none of them make it clear that routing between two sub networks on the same pc doesn’t just happen just because you install router service on both nics. One finds out the hard way. Anyway, I rearranged the original setup as shown to the new picture.
It looks like that this setup works either by adding a static route to the modem (as mentioned in the previous answer) or putting router running at mserver in NAT mode for wan-side interface 192.168.1.101
So far, network discovery works fine for all pc’s and internet connection is up and running as well.
Remote desktop work fine (netbios names and local ip’s)
A side affect with this arrangement is that I cannot use remote desktop anymore using my public IP address as I used to (that’s from within my network)(why?).
Another thing with this arrangement is that you can only access mserver with remote desktop since once nic1 is exposed to the router. I suppose, if needed that could be bypassed by installing remote access server role on mserver(or not?).
Now, I don’t seem to be able to ftp yet, neither from within my network (tried both local and public ip) nor from internet and same goes for my cameras. It should be straight forward but unfortunately (for me) it didn’t happen.
Another question that arise with this setup would have to do with printer1 and printer2.
They are wireless printers that are currently wired to the network. If they go wireless, would the be accessible to the network? Going wireless with the printers would move them to the 192.168.1.xx network. Having just the static route (see pic) in the modem/router, is that enough to make them accessible to 192.168.2.xx devices?
Same question for other wireless devices, would they be able to use 192.168.2.xx recourses?
Comments welcome and I’ll share any new findings
