I'm so far unable to configure on-prem boxes to access public internet sites with an RRAS server (sitting on the edge of my on-prem). This was an RRAS box for a site to site VPN connected to Azure which worked great. I have removed Azure VPN for simplification of testing at this time. I need to allow on-prem clients to access the internet to test a DR/failover solution that requires public IP(s)/DNS entries. My on-prem servers cannot ping anything outside our external interface IP/gateway.
Any feedback appreciated please!
My assumption is that this can be solved by adding a simple route entry or two on the edge server. I think I know how to add the routing table entry, but not what to add - and nothing has worked so far.
I reduced the complexity of the setup for testing by eliminating Azure RRAS, and re-ran setup of RRAS for only LAN routing. Once I get that working, I plan to re-run the Azure script to set up RRAS for site-to-site, and then hopefully reconfigure RRAS to allow on-prem clients to access public internets. I'm not dealing with DNS resolution issues yet and I expect those to be relatively easy once IP packets are flying around correctly.
I use static IPs.
My thought process via questions:
Are the packets failing to leave, or return?
Do I need to change the routing table on the DSL router, or, should all my changes be on the edge server?
The Edge01 server - is it really on the edge, or would it actually be our DSL router?
Do I need a third interface (NIC) on Edge01 to provide internet access?
Note: the rest of the office is using the 192.168.0.0/24 network which will show up in tables but should not really be related to my needs.
Edge01:
Two interfaces/NICs
Internal interface:
Interface IP: 10.10.10.1/24
Network: 10.10.10.0/24
Gateway: None.
DNS: 10.10.10.2 (on-prem AD/DNS server)
8.8.8.8
Edge01 settings/table/RRAS:
Interfaces:
Loopback
Internal
71.39.212.33
10.10.10.1
RRAS routing table:
External NIC on Edge01:
Interface IP: 71.39.212.33
Gateway: 71.39.212.38
DNS: 8.8.8.8, 10.10.10.2
DSL Router Info
DSL Routing table:
Note: All the routes except 10.10.10.0 were added automagically. I added the 10.10.10.0 as a test.
Destination Netmask Gateway
184.99.64.14 255.255.255.255 0.0.0.0
71.39.212.32 255.255.255.248 0.0.0.0
192.168.0.0 255.255.255.0 0.0.0.0
0.0.0.0 0.0.0.0 0.0.0.0
I added this entry as a test:
10.10.10.0 255.255.255.0 71.39.212.33
DSL router ISP Remote Gateway Address: 184.99.64.14
IPv4 Addressing
PPP Parameter
Modem IPv4 Address: 71.39.212.38
Modem IPv4 Subnet Mask: 255.255.255.255
DNS Address: 205.171.3.65
DNS Address #2 : 205.171.2.65
Remote Gateway Address: 184.99.64.14
DSL router IP Addressing type:
Block of Static IP addresses
Subnet mask: 255.255.255.248
Gateway: 71.39.212.38
DSL router LAN DHCP Addressing: Private LAN Subnet, NOT a public static subnet
LAN test server node IP settings:
IP: 10.10.10.5/24
GW: 10.10.10.1
DNS 10.10.10.2, 8.8.8.8
Ping and tracert to yahoo.com IP:
Thanks!
JBP
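
Added example, not part of the original post: a longest-prefix-match lookup over the DSL routing table exactly as posted, showing which entry the router would select for a given destination with and without the 10.10.10.0 test route. The function names are hypothetical, and treating a gateway of 0.0.0.0 as "no next hop listed" is an assumption about how this router prints its table.

```python
import ipaddress

# DSL router routing table as posted: (destination, netmask, gateway).
DSL_ROUTES = [
    ("184.99.64.14", "255.255.255.255", "0.0.0.0"),
    ("71.39.212.32", "255.255.255.248", "0.0.0.0"),
    ("192.168.0.0", "255.255.255.0", "0.0.0.0"),
    ("0.0.0.0", "0.0.0.0", "0.0.0.0"),
]
# The entry the post says was added as a test.
TEST_ROUTE = ("10.10.10.0", "255.255.255.0", "71.39.212.33")


def prefix_len(mask):
    """Convert a dotted netmask to a prefix length by counting its set bits."""
    return bin(int(ipaddress.IPv4Address(mask))).count("1")


def lookup(table, dest):
    """Return (network, gateway) of the most specific route containing dest."""
    addr = ipaddress.ip_address(dest)
    best = None
    for net, mask, gw in table:
        network = ipaddress.ip_network(f"{net}/{prefix_len(mask)}")
        if addr in network and (best is None or network.prefixlen > best[0].prefixlen):
            best = (network, gw)
    return None if best is None else (str(best[0]), best[1])


def describe(table, dest):
    """Human-readable summary of the route chosen for dest."""
    match = lookup(table, dest)
    if match is None:
        return f"{dest}: no route"
    net, gw = match
    # Assumption: 0.0.0.0 in the gateway column means no next hop is listed.
    hop = "no next hop listed" if gw == "0.0.0.0" else f"next hop {gw}"
    return f"{dest}: matches {net}, {hop}"


if __name__ == "__main__":
    tables = (("as posted", DSL_ROUTES), ("with test route", DSL_ROUTES + [TEST_ROUTE]))
    for label, table in tables:
        print(label)
        for dest in ("10.10.10.5", "71.39.212.33", "192.168.0.20", "8.8.8.8"):
            print("  " + describe(table, dest))
```

Run against the test server's address (10.10.10.5), the lookup shows that only the added test entry gives the DSL router a specific path back to the 10.10.10.0/24 network via Edge01's external IP; without it the address falls through to the default entry.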