none
RRAS - Demand-Dial Interface connection problem

    Question

  • Hello everyone,

    I have some trouble with getting RRAS to work with my modem. I have two Windows 2008R2 servers, One Dreytek 2710 Annex A, and my conenction is analog PPPoA.

    Server 1 is a DC with Certificate Serviece, AD, DNS and DHCP on it.
    Server 2 is member of the domain and has File Services, RRAS and IIS on it and soon it will have DirectAccess on it too when this works.

    For DirectAccess I need two Public IP's on my External NIC on Server 2. To do this I used a Dreytek 2710 modem and bridged it. Now I need to make a connection from server 2 to the modem.

    RRAS is needed with a Demand-Dial Interface, but the "Connect using a modem" is greyed out. As far as I know I need this option to make the whole thing work right?

    Can someone give me some directions on this? Google didn't gave me much help.

    Thank You in advance.

    ---

    Jonathanb

    Wednesday, March 07, 2012 10:08 AM

Answers

  • Hi Jonathan,

    Thanks for update.

    > If I understand your last post correctly, then I still don't have two public IP's on the servers NIC right?

    That’s right but don’t worry since PPPoA is not supported by RRAS so we have to let modem to deal with it (PPPoA and obtain two vaild internet addresses ) .
    Meanwhile, we have to make sure NAT is supported by this device so that we can set address or port mapping on it in order to forward the incoming traffic to the internal DA server.

    Thanks.

    Tiger Li


    Tiger Li

    TechNet Community Support

    Monday, March 12, 2012 9:04 AM
  • Hi Jonathan,

    Thanks for update.

    >So if I would DMZ everything to the server and disable NAT, would this work then?

    Yes that should work and take look the scenarios and explications in the blog post below. It discussed about how to set DA with UAG but is also applied to Windows Server Direct Access deployment scenario:

    UAG DirectAccess Server Deployment Scenarios
    http://blogs.technet.com/b/tomshinder/archive/2010/04/01/uag-directaccess-server-deployment-scenarios.aspx

    Thanks.

    Tiger Li


    Tiger Li

    TechNet Community Support

    Tuesday, March 13, 2012 12:51 AM

All replies

  •  

    Hi Jonathanb,

    Thanks for posting here.

    > RRAS is needed with a Demand-Dial Interface, but the "Connect using a modem" is greyed out. As far as I know I need this option to make the whole thing work right?

    If I understand you properly , we need to create Demand-dial interfaces in order to get two internet address for direct access deployment . if I misunderstand please let me know.

    Actually we can create it in  “network interfaces” by right clicking and creating it form RRAS console :

    Network Interfaces

    http://technet.microsoft.com/en-us/library/dd469741(WS.10).aspx

    Thanks.

    Tiger Li


    Tiger Li

    TechNet Community Support

    Thursday, March 08, 2012 8:39 AM
  • Thank you Tiger Li for your reply.

    The link that you have posted is the knowledge that I already have. After some digging I found out that I probably don't need that first option.
    I changed my modem back to my IPv6 ready modem which can disable NAT. While disabling NAT it will send the public IP address to my server I think.

    In RRAS I can create a Demand-Dial Interface and in the wizard I have two options. I can choose PPPoE, but my connection is PPPoA so that will probably not work and the other option is through VPN which I don't use for connecting to my ISP. My question is what option do I need to take and do I need to manually add the public IP address to the external network card?

    So my goal now is to get a public IP address on my server's external network card and get internet from it. Simple right?

    Thank you,

    Jonathan

    Thursday, March 08, 2012 9:16 AM
  • Hi Jonathan,

    Thanks for posing here.

    Based on my knowledge we have no way to create PPPoA demand-dial Interface with RRAS on Windows Server which make us to consider to have a dedicate PPPoA and NAT supported  router at edge in order to obtain publish addresses and set port or address mapping to our DA server that has internal private address:

    http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/9e58ae25-3a76-4fcb-bbf0-1d6a6d4a81a5/

    Thanks.

    Tiger Li


    Tiger Li

    TechNet Community Support

    Friday, March 09, 2012 7:55 AM
  • If I understand your last post correctly, then I still don't have two public IP's on the servers NIC right? This is becoming a bit confusing and frustrating. DA on 2008R2 isn't that simple to configure. I added a picture of my network and hope that it may help. I am posting this in the right place or not?

    Friday, March 09, 2012 10:28 AM
  • Hi Jonathan,

    Thanks for update.

    > If I understand your last post correctly, then I still don't have two public IP's on the servers NIC right?

    That’s right but don’t worry since PPPoA is not supported by RRAS so we have to let modem to deal with it (PPPoA and obtain two vaild internet addresses ) .
    Meanwhile, we have to make sure NAT is supported by this device so that we can set address or port mapping on it in order to forward the incoming traffic to the internal DA server.

    Thanks.

    Tiger Li


    Tiger Li

    TechNet Community Support

    Monday, March 12, 2012 9:04 AM
  • This is making more sense, but still, I don't see the whole picture ... sorry.

    > have a dedicate PPPoA and NAT supported  router at edge in order to obtain publish addresses and set port or address mapping to our DA server that has internal private address

    Is this possible with the modem as well instead of the edge router? It supports PPPoA and NAT. I also can use the DMZ option to forward everything to the server. So if I would DMZ everything to the server and disable NAT, would this work then? If you are not sure please do a guess because then I know if I could try this at least.

    Thank you very much!

    ---

    Jonathan

    Monday, March 12, 2012 10:19 AM
  • Hi Jonathan,

    Thanks for update.

    >So if I would DMZ everything to the server and disable NAT, would this work then?

    Yes that should work and take look the scenarios and explications in the blog post below. It discussed about how to set DA with UAG but is also applied to Windows Server Direct Access deployment scenario:

    UAG DirectAccess Server Deployment Scenarios
    http://blogs.technet.com/b/tomshinder/archive/2010/04/01/uag-directaccess-server-deployment-scenarios.aspx

    Thanks.

    Tiger Li


    Tiger Li

    TechNet Community Support

    Tuesday, March 13, 2012 12:51 AM
  • Unfortunately I can't see if it would work because our budget won't let me. I still want to thank you for bearing with me in this! I just need to wait for Windows 8 server to implement DA.

    ---

    Jonathan

    Tuesday, March 13, 2012 8:49 AM