In this lesson we are going to configure our routing server to pass traffic between our two separated networks, 192.168.1.0/24 and 10.0.0.0/24.

In this lab, the server SAROUTE01 is already connected to both networks with two ethernet adapters and their IP addresses have already been configured:

The computer isn’t joined to the domain and doesn’t really need to be for this specific lecture. The important thing is that this single server can communicate with both SADC01 and SADC02 because it has one network adapter connected to each of the networks.

Next we need to add the Remote Access server role. From inside Server Manager, select Manage > Add Roles and Features:

From there continue until you get to the Server Roles page, then select “Remote Access”:

Click Next > until you get to the Role Services page for Remote Access. Here we want to click the checkbox for Routing:

This will pop up a window for adding its related features. Click Add Features to continue:

You will notice that it now adds Web Server Role (IIS) on the left. We can just use the default settings for the IIS role services so just go ahead and click next until you get to the confirmation screen.

On the Confirmation screen, click Install:

Close the wizard and wait for the installation to complete. Now we need to configure our server routing. Click Tools > Routing and Remote Access.

Now right-click your server and select Configure and Enable Routing and Remote Access:

Click Next and then select Secure connection between two private networks

Click Next and select No when it asks about Demand-Dial Connections:

Click Next and Finish.

You can now expand the server and select IPv4 > General. Here we can see that we have our routing configured for both ethernet adapters and the IP addresses that we should use for our clients default gateway.

For computers on the 192.168.1.0/24 network, they should use the 192.168.1.2 IP address as their default gateway.

For computers on the 10.0.0.0/24 network, they should use the 10.0.0.2 IP address as their default gateway.

If you want you can enabled ICMP pings for IPv4 with the following CMD command so you can ping the server:

netsh advfirewall firewall add rule name="Allow inbound PING" protocol="icmpv4:8,any" dir=in action=allow

Each server needs to now be configured to use SAROUTE01 as it’s default gateway. For SADC01 will use 192.168.1.2, and SADC02 will use 10.0.0.2.

Log in to each server and open Server Manager. Next click the IP address in blue:

Next, click the IPv4 and select Properties:

Configure the following settings for SADC01:

Configure the following settings for SADC02

Now you should be able to ping each domain controller even though they are in different networks. That’s all we need to do for this lecture!