Internet Connection Sharing

Discussion in 'Windows Desktop Systems' started by TheBlueRaja, Jul 17, 2002.

  1. TheBlueRaja

    TheBlueRaja BR to Some

    Messages:
    766
    Location:
    Fawkirk!
    I've got a bit of a complex problem which i hope someone can help me with. I have a work PC which runs Windoze 2000, however to access the Work network from home this runs some encryption software to encrypt the packets before it gets sent to my companies firewall.

    I also have another PC which i want to connect to the work network, (its actually not a PC but an IP telephone), the idea being to allow users to work from home and have a telephone connected to the companies PBX on their desk.

    Therefor in order to get this to work i need to encrypt the IP Telephones packets as well, so the IP Packets from the phone must pass through this PC to be encrypted. Therefore, i need to use a second NIC and not a switch or a router.

    The windows 2000 PC can see the Internet or the comany network no problem, via NIC1 - good start. I enabled Internet connection Sharing on NIC1 which in turn assignes the second network card i installed (NIC2) a static IP address of 192.168.0.1 by default. The first NIC which is connected to the Internet gets its IP from DHCP by the way. The idea being to allow the packets to pass through NIC2 and into the PC where the packets will be encrypted and passed out through NIC1.

    However when i connect any devices to the LAN on NIC2, and assign it an ip address of 192.168.0.5 for example (Class C Subnet mask) i cannot ping NIC2 and i also cannot ping the new device from the "gateway" computer containing the two NIC's.

    So am i doing this the right way? ANd if so why the hell cant i ping anything on the Second NIC?

    Please help....
     
  2. Zedric

    Zedric NTFS Guru Folding Team

    Messages:
    4,006
    Location:
    Sweden
    One idea would be to assign the IP to the client (the phone?) using DHCP. That usually makes it easier (provided that the phone supports DHCP).

    Also, is the entire connection on NIC1 encrypted through VPN (I guess that's what it is)? Or is it a regular Internet connection with an encrypted tunnel or something? This could cause problems further on.
     
  3. TheBlueRaja

    TheBlueRaja BR to Some

    Messages:
    766
    Location:
    Fawkirk!
    The phone does support DHCP and the idea is for the phone to get DHCP (as it should) from the network via the NIC1 card.

    To answer your other question the NIC1 is a regular (albeit broadband) internet connection which is encrypted through a VPN tunnel. There is software on the PC which handles the encryption.

    How could this cause problems though Zedirc?
     
  4. JJB6486

    JJB6486 Retired Mod Political User

    Messages:
    1,207
    Location:
    West Lafayette, IN, USA
    You can't connect to a VPN from behind NAT unless the router supports PPTP or IPsec passthrough (ICS does not). If you need to connect to a VPN you can only do so from the host computer

    JJB6486
     
  5. TheBlueRaja

    TheBlueRaja BR to Some

    Messages:
    766
    Location:
    Fawkirk!
    Hey, who said life was easy.....

    Thanks JJB6486
     
  6. Zedric

    Zedric NTFS Guru Folding Team

    Messages:
    4,006
    Location:
    Sweden
    The idea was that the phone could have problems knowing that it should use the VPN tunnel and not the "regular" outward connection. But I could be wrong. Try getting a router software that can handle PPTP or IPsec passthrough, I think there are some.