Archive

Archive for the ‘RRAS (Routing and Networking)’ Category

Configure RRAS on Windows 2008 R2 to route 4 Private Networks within VMware

June 8, 2011 3 comments

Within my VMware test lab, I wanted to be able to route three private networks in order to test Exchange 2010 (DAG and CAS), TMG 2010 (Reverse Proxy) and a Windows XP\7 client using Outlook Anywhere and OWA.   The problem is, I wanted to truly test the NAT routing as simulated in our production environment using VMware and virtual networks.  The networks look like this:

  • 192.168.0.X  (Internal LAN Network)
  • 10.0.0.X        (DMZ – or Internet Facing Network)
  • 100.0.0.X      (Exchange DAG Replication Network)
  • 100.0.20.X (Exchange DAG Replication Network – Second Site)

So how do I get these networks to route between one another?

THE FIX:  RRAS (Routing and Remote Access Server in Windows 2008 R2).   I was actually surprised on how easy this was to setup and will work on Hyper-V as well.

Step 1:  Add the NICS to your RRAS server.  Each NIC will have the IP address that you will use for the Default Gateway for each of the Networks in your environment.  If this is in VMWare or Hyper-V, no Default Gateway is required.   If you are using publicly routable IPs, you will need to designate static routes within the RRAS setup.  Note: Each of these NICs are on the same “VMWare” Virtual Network, so you will not have to create VM networks, this work will be handled by RRAS.

NIC Configuration on RRAS server:

  1. NIC1:  100.0.20.1 -MASK 255.255.255.0 -NO Gateway
  2. NIC2: 100.0.0.1 -MASK 255.255.255.0 -NO Gateway
  3. NIC1: 10.0.0.1 -MASK 255.255.255.0 -NO Gateway
  4. NIC1: 192.168.0.1 -MASK 255.255.255.0 -NO Gateway

image

image

STEP 2:

Install the RRAS service on your Windows 2008 R2 Server.  This can be done by going to the Add Server Roles Wizard.   You will need to add the Network Policy and Access Services.

image

STEP 3:  We will now Enable the RRAS configuration. Navigate to the Server Manager and drill into the the roles. The Routing and Remote Access should have a red indicator. Follow the illustrations below to complete the configuration.

image

Select Secure Connection between two private Networks.

image

Select NO to create Demand-Dial Connections

image

If you see an error stating “An error occurred while trying to start Routing and Remote Access Service….” This is normal.  Click OK on the error.

image

You should now see your RRAS server with a red error or indicator.   Right click on the RRAS Server (Local) and select properties.  Change the IP4V router setting from LAN and Demand-Dial routing to Local Area network (LAN) routing only.  Click Apply and OK.   Right Click on the RRAS server again, Select All Tasks and select Start to start the services.

image

You should now be all set.

image

Have fun testing!

Ed McKinzie

Advertisements