0%

0/1 Lessons

Course Introduction

• 1min

0 / 1 lessons complete

Getting Started with Active Directory Domain Services

• 52min

0 / 6 lessons complete

Introduction to Active Directory Users & Computers

• 1hr 27min

0 / 10 lessons complete

Adding a Second Domain Controller

• 1hr 31min

0 / 7 lessons complete

Active Directory Backups

• 1hr 24min

0 / 5 lessons complete

How to Administrate Active Directory with Windows PowerShell

• 1hr 58min

0 / 7 lessons complete

Administrating AD SS (Active Directory Sites and Services)

• 1hr 3min

0 / 5 lessons complete

Active Directory Trusts

• 54min

0 / 5 lessons complete

Modifying the Active Directory Schema

• 43min

0 / 3 lessons complete

Course Conclusion

• 2min

0 / 1 lessons complete

Configuring Our ITFROUTE01 Server to act as a Router

Instructions

Q&A (0)

Notes (0)

Resources (0)

Saving Progress...

Resources

There are no resources for this lesson.

Notes can be saved and accessed anywhere in the course. They also double as bookmarks so you can quickly review important lesson material.

Create note

In this lesson we are going to configure our routing server to pass traffic between our two separated networks, 192.168.1.0/24 and 10.0.0.0/24.

In this lab, the server SAROUTE01 is already connected to both networks with two ethernet adapters and their IP addresses have already been configured:

The computer isn’t joined to the domain and doesn’t really need to be for this specific lecture. The important thing is that this single server can communicate with both SADC01 and SADC02 because it has one network adapter connected to each of the networks.

Next we need to add the Remote Access server role. From inside Server Manager, select Manage > Add Roles and Features:

From there continue until you get to the Server Roles page, then select “Remote Access”:

Click Next > until you get to the Role Services page for Remote Access. Here we want to click the checkbox for Routing:

This will pop up a window for adding its related features. Click Add Features to continue:

You will notice that it now adds Web Server Role (IIS) on the left. We can just use the default settings for the IIS role services so just go ahead and click next until you get to the confirmation screen.

On the Confirmation screen, click Install:

Close the wizard and wait for the installation to complete. Now we need to configure our server routing. Click Tools > Routing and Remote Access.

Now right-click your server and select Configure and Enable Routing and Remote Access:

Click Next and then select Secure connection between two private networks

Click Next and select No when it asks about Demand-Dial Connections:

Click Next and Finish.

You can now expand the server and select IPv4 > General. Here we can see that we have our routing configured for both ethernet adapters and the IP addresses that we should use for our clients default gateway.

For computers on the 192.168.1.0/24 network, they should use the 192.168.1.2 IP address as their default gateway.

For computers on the 10.0.0.0/24 network, they should use the 10.0.0.2 IP address as their default gateway.

If you want you can enabled ICMP pings for IPv4 with the following CMD command so you can ping the server:

netsh advfirewall firewall add rule name="Allow inbound PING" protocol="icmpv4:8,any" dir=in action=allow

Each server needs to now be configured to use SAROUTE01 as it’s default gateway. For SADC01 will use 192.168.1.2, and SADC02 will use 10.0.0.2.

Log in to each server and open Server Manager. Next click the IP address in blue:

Next, click the IPv4 and select Properties:

Configure the following settings for SADC01:

Configure the following settings for SADC02

Now you should be able to ping each domain controller even though they are in different networks. That’s all we need to do for this lecture!

Server Academy Members Only

Sorry, this lesson is only available to Server Academy Full Access members. Become a Full-Access Member now and you’ll get instant access to all of our courses.

1 1 vote
Lesson Rating
Subscribe
Notify of
profile avatar
7 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments

profile avatar
pavelz(@pavelz)
Member
1 year ago

The ITFDC01 and ITFDC02, what are they?

profile avatar
Ricardo P(@ricardop)
Admin
Reply to  pavelz
1 year ago

Hi profile avatar Pavel Zarva

These are two domain controllers from the ITFlee domain.

Ricardo

profile avatar
pavelz(@pavelz)
Member
Reply to  Ricardo P
1 year ago

If I understand correctly, we are supposed to create ITFDC01 and ITFDC01 in our own lab environments?

profile avatar
Ricardo P(@ricardop)
Admin
Reply to  pavelz
1 year ago

That’s correct. The idea is for you to have a couple of Domain Controllers to practice. You can even name them whatever you want according to a domain name if you have one. If not, you can use DC01 and DC02.

profile avatar
Ricardo P(@ricardop)
Admin
6 months ago

Hi profile avatar Adi Nugroho

That’s weird, but in this type of setup, it might be normal since you are pinging the gateway on 192.168.2.20. This is because when pinging an IP on the same subnet or vlan you get the Destination host unreachable. Something might be missing on the router server and not on the actual SADC02. Just make sure Ping is enabled on all servers or disable the firewall to make sure is not the cause.

Ricardo

profile avatar
Adi Nugroho(@adin)
Member
Reply to  Ricardo P
6 months ago

Hi, Ricardo, I forgot to attach SADC02 to the new NAT network. When I did, it went smoothly. I am sorry.

profile avatar
Ricardo P(@ricardop)
Admin
Reply to  Adi Nugroho
6 months ago

Hey, no worries. I am glad you figured it out  😅 
Great job!