Configuring Our ITFROUTE01 Server to act as a Router
Full-Access Members Only
Sorry, this lesson is only available to Server Academy Full-Access members. Become a Full-Access member now and get instant access to this and many more premium courses. Click the button below and get instant access now.
Instructions
Q&A (0)
Notes (0)
Resources (0)
Saving Progress...
Resources
There are no resources for this lesson.
Notes can be saved and accessed anywhere in the course. They also double as bookmarks so you can quickly review important lesson material.
In this lesson we are going to configure our routing server to pass traffic between our two separated networks, 192.168.1.0/24 and 10.0.0.0/24.
In this lab, the server SAROUTE01 is already connected to both networks with two ethernet adapters and their IP addresses have already been configured:
The computer isn’t joined to the domain and doesn’t really need to be for this specific lecture. The important thing is that this single server can communicate with both SADC01 and SADC02 because it has one network adapter connected to each of the networks.
Next we need to add the Remote Access server role. From inside Server Manager, select Manage > Add Roles and Features:
From there continue until you get to the Server Roles page, then select “Remote Access”:
Click Next > until you get to the Role Services page for Remote Access. Here we want to click the checkbox for Routing:
This will pop up a window for adding its related features. Click Add Features to continue:
You will notice that it now adds Web Server Role (IIS) on the left. We can just use the default settings for the IIS role services so just go ahead and click next until you get to the confirmation screen.
On the Confirmation screen, click Install:
Close the wizard and wait for the installation to complete. Now we need to configure our server routing. Click Tools > Routing and Remote Access.
Now right-click your server and select Configure and Enable Routing and Remote Access:
Click Next and then select Secure connection between two private networks
Click Next and select No when it asks about Demand-Dial Connections:
Click Next and Finish.
You can now expand the server and select IPv4 > General. Here we can see that we have our routing configured for both ethernet adapters and the IP addresses that we should use for our clients default gateway.
For computers on the 192.168.1.0/24 network, they should use the 192.168.1.2 IP address as their default gateway.
For computers on the 10.0.0.0/24 network, they should use the 10.0.0.2 IP address as their default gateway.
If you want you can enabled ICMP pings for IPv4 with the following CMD command so you can ping the server:
netsh advfirewall firewall add rule name="Allow inbound PING" protocol="icmpv4:8,any" dir=in action=allow
Each server needs to now be configured to use SAROUTE01 as it’s default gateway. For SADC01 will use 192.168.1.2, and SADC02 will use 10.0.0.2.
Log in to each server and open Server Manager. Next click the IP address in blue:
Next, click the IPv4 and select Properties:
Configure the following settings for SADC01:
Configure the following settings for SADC02
Now you should be able to ping each domain controller even though they are in different networks. That’s all we need to do for this lecture!
Server Academy Members Only
Sorry, this lesson is only available to Server Academy Full Access members. Become a Full-Access Member now and you’ll get instant access to all of our courses.
The ITFDC01 and ITFDC02, what are they?
Hi
Pavel Zarva
These are two domain controllers from the ITFlee domain.
Ricardo
If I understand correctly, we are supposed to create ITFDC01 and ITFDC01 in our own lab environments?
That’s correct. The idea is for you to have a couple of Domain Controllers to practice. You can even name them whatever you want according to a domain name if you have one. If not, you can use DC01 and DC02.
Hi
Adi Nugroho
That’s weird, but in this type of setup, it might be normal since you are pinging the gateway on 192.168.2.20. This is because when pinging an IP on the same subnet or vlan you get the Destination host unreachable. Something might be missing on the router server and not on the actual SADC02. Just make sure Ping is enabled on all servers or disable the firewall to make sure is not the cause.
Ricardo
Hi, Ricardo, I forgot to attach SADC02 to the new NAT network. When I did, it went smoothly. I am sorry.
Hey, no worries. I am glad you figured it out 😅
Great job!