hello I've question "How to": I've got 2 WANs and 2 routers, and one vpn server (pptp, win 2k3). In vpn server i have 2 network interfaces. Now i can connect to vpn from only one WAN (i can choose from which one by setting metrics on network interfaces). Both routers have correct port forwarding. Is it possible (and how) to enable access from both wans to one vpn server? How tp set vpn server to respond properly to two gateways? thanks Sylwek

If you want full networking between the LAN and the two WANs, you will need to set up site to site VPN links. You cannot achieve this using default routing and adjusting the metrics. You need subnet routes to each WAN through the correct VPN link. With RRAS, that means setting up demand-dial interfaces and linking the subnet routes to these interfaces.Bill

You can try below workaround+ internal networks-----------------> RRAS------------->First WAN------------->external clients | | Second WAN= We have port forwarding enabled on both WAN, which mean while external clients dial for VPN they dial IP which mentioned on router. Which in-turn allow us to set private IP on both RRAS interface.= For explanation i will take IP - First WAN has public IP 192.X.X.X and Second WAn has public IP 200.X.X.X+ If you can make first router to send packet to RRAS with source IP 192.X.X.X (instead of client external machine IP) you can set static routers on router to use specific gateway. if your. And Same with second router - you can add static routes for it.I never tested this personally but theoritically it should work.

Hi, What routing protocol are you running under RRAS? I think the easiest, most headache free thing is to get a router that has two WAN links like the Multitech RF-830 or 850. Consider the following: As a result of two separate natted routers router1 and router2 do not share the same translation tables. So packets might get seen as spoof and get dropped. Miguel Fra Miguel Fra Falcon ITS Miami, FL

Hi, What routing protocol are you running under RRAS? I think the easiest, most headache free thing is to get a router that has two WAN links like the Multitech RF-830 or 850. Consider the following: As a result of two separate natted routers router1 and router2 do not share the same translation tables. So packets might get seen as spoof and get dropped. Miguel Fra Miguel Fra Falcon ITS Miami, FL

If you have server 2008, it will only have OSPF and RIPv2.Unless we have static routes defined on RRAS box, it will route all traffic to default gateway, which in your case will be single WAN.As you have mentioned you can have device which can load balance traffic between two WAN connection and which can be placed in front of RRAS box.You don't have much options from Windows RRAS service or routing table. Hope this helps

Did you ever get this going?Miguel Fra / Falcon ITS Computer & Network Support, Miami, FL Visit our Knowledgebase Sharepoint Site

Did you ever get this going?Miguel Fra / Falcon ITS Computer & Network Support, Miami, FL Visit our Knowledgebase Sharepoint Site