Sharing an Internet connection with ICS and Windows 2000 Server
Setup
I spent over a day trying to get ICS to work on a W2K host... only to find
out that setting it up is totally different depending on whether you use a W2K
Server or W2K Pro host.
Most documentations available on the Net don't mention that it only applies
to W2K Pro, and that when using a W2K Server host, there's no need to set up
a Dial-Up Connection object. Rather, all routing tasks are handled by playing
with the RRAS service.
Server
- Set the LAN IP configuration to a static IP address, but do not add
any pointer to DNS servers on the Internet (ie. that section should only
contain pointers to servers that handle your zone)
- In Administrative Tools, launch the DNS configurator
- Right click the name of the server, select the Forwarders tab, and add
the DNS servers on the Internet that will resolve non-local names
- Install a modem, and test that it works
- Configure the Routing & Remote Access service: Click on Start |
Program Files | Administrative Tools | Routing & Remote Access
- Action | Add Server...
- Choose "This Computer" (default)
- Select the "<server name> (local)" item, Action | Configure
and enable routing and remote access
- Internet connection server (default)
- ICS (Default)
- Set up a router with NAT routing protocol
- Create a new demand-dial internet connection. Windows will now start
the RRAS service, and prompt you to create a dial-up connection
- Connect using a modem, ISDN adapter, or other physical device
- Select the modem that you installed on the server
- Type in the phone number of your ISP
- Type in the user's name and password. The Domain section could
be an Active Directory/NT4 Domain name, but I didn't have the opportunity
of trying this
Warning: Make sure that the password you typed is
correct, or the modem will connect and hang up after a couple of second,
even if you set the "Hang up if idle" time-out to something more
generous. Check the Event Viewer for more information if you encounter this
kind of problem.
- Back in the Routing and Remote Access application, check that
the server is now active (green arrow)
- Check its properties, and make sure the General tab includes "Enable
this computer as a Router/LAN and demand-dial routing" and the IP tab
includes "Enable IP routing" and "Allow IP-based remote access
and demand-dial connections"
- The modem should be listed in the Ports section of the "<server
name> (local)" section.
Notes
- Using RRAS does not imply the need to create a dial-up connection in
the Network & Dial-up Connections section of Windows, and that Windows
will not display a connection icon in the taskbar when the modem is online,
so make sure that you set a reasonable time-out so the connection is shut
down automatically
- In addition to the RRAS Service, the Service section of Computer Management
includes two other services that seem to be linked to RRAS: Remote Access
Auto Connection Manager and Remote Access Connection Manager, but they are
set to Manual and are thus not started automatically at boot-up. I didn't
have to change this for RRAS to work.
- Check that the RRAS Service is set to run automatically at boot-up
- ISC may get stuck sometimes and refuse to dial the ISP when you're trying
to access resources on the Net. In this case, restart the RRAS service and
you should be back in business.
Client
Nothing needs to be done on client hosts besides getting their IP configuration
dynamically through a DHCP server. When accessing resources located on the Internet,
the server will connect to the ISP through a dial-up connection and seemlessly
provide data back to the client.
Q&A
Resources