Hi all,
I have an RRAS/NPS setup in a lab, and while I can get my client connected via IKEv2 just fine, I can't ping, communicate or route outside of the static IP range they reside in.
External NIC 10.2.2.x
Internal NIC 10.1.1.x
When clients connect they are in a static address pool of 172.16.255.10-39 (30 addresses)
From my understanding I need to set up static routes to allow the clients to communicate with other subnets, but I'm having difficulty figuring out how to configure this. I have successfully used DHCP relay to the 10.1.1.x network, and while it works, the clients then have access to resources they should not have access to, which is a security risk, so I thought a static pool with very specific routes would be best.
Ultimately I want the clients to have access to a few resources on this network:
A jump host they RDP (3389) to (10.1.7)
RemoteApp server (443,3389) to stream an app, (10.1.1.14)
DNS/AD for GPO processing (10.1.1.20-21)
So what I'm asking is how do I set up these routes so the clients can talk.
Do I need to set up static routes in RRAS?
Do I need to add a static route on the endpoints, and is this best done in AD?
Thank you in advance.