View Full Version : trying to configure 2k Server to allow a dial in connection....


Shadow ÒÓ
02-04-03, 11:25 PM
which will have access to my high speed connection.

Silly huh? I want to be able to dial in to my machine....then have web access from there. I figure a proxy server should do it, but there HAS to be a feature in 2k that will allow this.

I can dial in fine....but can't figure a way to configure NAT to allow the dial in account web access.

and no....I don't want to use Terminal Services over a dial up connection.

Any suggestions?

Th0r
02-05-03, 07:20 AM
I will have a look for u....but need to find my 2000 Server CD

FlypSyde
02-05-03, 09:01 AM
What's the point of doing that? It's not like surfing the internet through your computer connected to broadband is gonna speed it up for you since you're still only connecting through 56k.

turd
02-05-03, 08:10 PM
Shadow this is long, but I think it is what u need. If you want I will send you the screen shots and the referenced chapters? but I think this will get you going. Hope it helps.



Configuring Windows 2000 Server to Act as an Internet Gateway
Start with the same steps listed in the section “Connecting to a Private Network” and
go all the way up to Figure 22.34, using a local access number for your ISP as the number
of the private network to dial.
This time, when the Network Connection Wizard asks if you would like to make
this connection available to all users (pictured in Figure 22.35), select For All Users
instead of Only for Myself. This will enable the sharing properties for this connection.
Click Next, and you should end up with a screen like the one in Figure 22.38.
Figure 22.38: Defining sharing options
On this screen, you will have two options for how this shared connection should
be handled. The first option is simply to enable sharing for this connection; leave this
option checked. The second option tells Windows 2000 Server when it should establish
the connection. If this box is unchecked, the only way to establish the connection
to the Internet will be manually. However, users typically expect connections to
be available whenever they want them, so enabling the on-demand dialing option
will allow Windows 2000 Server to automatically establish this connection as needed,
with no outside intervention. If you are going to be implementing a shared Internet
connection, you probably want to select this option. When you check the box for
on-demand dialing and click Next, you will probably receive a warning dialog box
similar to the one in Figure 22.39.

ACTING AS AN INTERNET GATEWAY 1671
Figure 22.39: Static IP address change warning
This dialog box lets you know that Windows 2000 Server will need to make several
changes to its IP configuration for this functionality to work, including specifying a
fixed IP address to use for the server’s internal network connection. If anyone is connected
to your server at this point, make sure they are disconnected before continuing,
otherwise they may lose their connections to the system. Click Yes to continue, and
Windows 2000 Server will make the appropriate IP changes to support sharing an
Internet connection.
The last step of the wizard should ask you to assign a friendly name to this connection.
Go ahead and assign a meaningful name to this connection and then click Finish.
Once you have completed the wizard, you should see an icon for your shared
connection in the Network and Dial-up Connections dialog box. Launch the connection
to verify that everything is working correctly. When you are prompted for your
ISP username and password, enter your credentials and then check the Save Password
box below the field for the domain. This will save your username and password for this
connection so that when it is demand-dialed it will have what it needs. Once you have
established that your ISP connection works correctly in and of itself, it’s time to define
a few rules as to what you want to allow across your Internet connection.
Defining Application and Service Configurations


By default, Windows 2000 Server will not automatically route any traffic from your client workstations to the Internet.


You must define specific rules as to what type of traffic
(i.e., what TCP/IP protocols) can go across your shared connection. To do this,
begin by editing the properties for your shared Internet access connection by right-clicking
the Dial-Up Networking icon in the Network and Dial-Up Connections window
and then selecting Properties. Click the Sharing tab, and you should see settings
for enabling shared access for this connection and on-demand dialing. At the bottom
of the window is a button labeled Settings. By clicking the button, you can define settings
for which applications and services can go across your shared Internet Connection.
The Internet Connection Sharing Settings dialog box is pictured in Figure 22.40.

CHAPTER 22 • INSTALLING AND MANAGING REMOTE ACCESS SERVICE IN WINDOWS 2000 SERVER 1672
Figure 22.40: Configuring shared access settings
As a point of clarification, “applications” typically refer to connections that come
from your internal network (for Web browsing, e-mail, etc.) and are destined out to
the Internet. However, sharing an Internet connection can also allow you to accept
traffic from external hosts targeted at systems within your network. For example,
maybe you have a small Web server running in your organization that you would like
people to be able to access. Using a shared Internet connection not only lets your users
share access to the Internet, but it can be programmed to allow the Internet access to
your internal shared resources as well.
This is one of the reasons why it’s important to define rules as to what is allowed in
and out of your shared Internet connection. Let’s start by adding a few rules to allow
Web browsing across the shared Internet connection. From the Settings screen, make
sure you are looking at the Applications tab. More than likely you won’t have any
applications listed on your system (unlike the example in Figure 22.40). Press Add to
add an application (in effect, a TCP/IP protocol) to your system. The dialog box to add
a Shared Access Application is shown in Figure 22.41.

Figure 22.41: Adding a shared access application
To allow shared access for a TCP/IP application, Windows 2000 Server needs to know
how that application functions. Specifically, Windows 2000 Server needs to know which
ports the application uses and whether the application uses TCP or UDP connections.
One of the first applications you will probably want to add will be support for DNS—the
means by which clients and browsers can translate names like www.microsoft.com into
IP addresses.
To add DNS support, enter a name for the application (I’ve used “dns” in Figure 22.40)
and the port on the remote server that Win2K will be communicating with. For DNS, this
port is 53, and the protocol to use for the request (with my ISP) is TCP, so I’ve selected the
TCP radio button below the port. DNS responses from the target system will generally
come back in on the same port that the client made the request from, which can be any
number from 1024 to 65535. Therefore, I’ve put 1024-65535 in the TCP field for the
incoming response to allow the DNS server to respond with the appropriate information.
As you can see, knowing how ports work is a key component of using shared Internet
access. Some applications even get complicated by sending responses on UDP and TCP
ports. For information on some commonly used Internet application ports and for the
information necessary to configure your own applications as needed, see Table 22.2.
Once you have configured an application for DNS, add applications as needed for the
applications on your internal network.

If you need to have outside clients access services on a computer on your internal network,
you will need to add definitions to the services tab of the Shared Access Settings
dialog box. Unless you want people from the outside world connecting to your internal
systems, I would recommend leaving this blank. But if you have a Web server or FTP
server that you need to have people connect to, this is the area to do it. Clicking the
Services tab will take you to a screen almost identical to the one for Applications with
several services listed on it. Clicking a service will allow you to define an internal host
that Windows 2000 should direct that type of traffic to. Or you can click the Add button
to add a service, and you will see a dialog box like the one shown in Figure 22.42.
Figure 22.42: Adding a shared access service
Services work a bit differently from applications because external hosts won’t connect
directly to the IP address assigned to your internal workstation that has the destination
service (especially since in most cases the internal IP addresses won’t be
routable addresses on the Internet). Instead, external systems will connect to your
Windows 2000 Server on a specific port, and based on what port they connect to,
Win2K will redirect the request to one of your internal systems. Therefore, the definitions
for services vary a bit.

TABLE 22.2: TCP/IP WELL-KNOWN PORTS AND SERVICES

Protocol Type    Destination Port/Protocol    Response Port(s)/Protocol(s)
FTP              21/TCP                       1024-65535/TCP
Telnet           23/TCP                       1024-65535/TCP
SMTP             25/TCP                       1024-65535/TCP
Gopher           70/TCP                       1024-65535/TCP
HTTP             80/TCP                       1024-65535/TCP
POP3             110/TCP                      1024-65535/TCP
NNTP             119/TCP                      1024-65535/TCP

Start defining your service by giving it a name—for example, http, ftp, etc. In the field
for service port number, put the port you will expect incoming connections to come to.
Again, you can use Table 22.2 to determine which ports to use. If you wanted to allow
incoming HTTP traffic, for example, you would put 80 in the field for service port.
Finally, in the last field for adding a service, tell Windows 2000 which of your internal
computers to redirect the request to by entering either the name or IP address of the correct
internal network computer. If you are using DHCP to assign addresses to your internal
computers, I would recommend referencing the system by name in this dialog box.
Once you have completed this definition, hit OK and then make sure this service is
checked in the Shared Access Services definition for settings. Now, if you have a connection
that is demand-dialed, it’s important to note that this won’t typically work for
incoming connections. That is, your ISP won’t know that it should dial your server
whenever someone on the Internet tries to access one of your systems. Therefore, if
you are going to accept incoming service connections I’d recommend having your
Internet connection online at all times.
Once you have defined the appropriate application and service settings, it’s time to
configure your clients to direct their Internet traffic to your Windows 2000 Server for
routing.
Configuring Clients
Once your server is ready, you will need to tell your clients to route their Internet traffic
to your Windows 2000 Server. When the Windows 2000 Server receives these packets,
it will realize that they are destined for the Internet and route them as necessary
(initiating your demand-dialed connection if needed). You can either program each
workstation manually or let DHCP do it for you by defining the correct scope and
options to use.
NOTE For more information on configuring DHCP scopes, see Chapter 7.
The following information will work in your DHCP scope for getting your clients
connected to the Internet (other slight variations would work as well; this is merely an
example):
• Address range: 192.168.0.2 to 192.168.0.254
• Address mask: 255.255.255.0
• Default gateway: 192.168.0.1
• DNS servers to use: enter your ISP’s DNS server addresses

To enter these settings manually on a Windows 2000 Professional, NT 4, or 9x client,
edit the TCP/IP properties of your computer to change the IP address to something
in the range listed above. The mask should be 255.255.255.0 as listed above, and
the default gateway should be 192.168.0.1, the IP address your Windows 2000 Server
will give itself once you enable shared access. In Windows NT 4 Workstation, this
would look similar to the dialog box shown in Figure 22.43.
Figure 22.43: TCP/IP settings for shared access on Windows NT 4 Workstation
The last setting to make is the DNS server setting. Since your workstation will need to
look somewhere to translate host names into IP addresses, you will need to put the DNS
server IP addresses for your ISP into your connection settings. In NT 4 Workstation,
clicking the DNS tab and adding new DNS servers to your system does this. If you don’t
know the IP addresses of your ISP’s DNS servers, I would recommend contacting them to
ask them directly or see if they list the appropriate settings somewhere on their Web site.
Once you have the correct DNS and TCP/IP settings programmed in, reboot your
workstation and log back into the network. Once your computer is up and running,
you should be able to allow access across your shared Internet connection for the protocols
you defined on your server (DNS, Web, etc.). You should see your Windows 2000
Server automatically initiate the connection as needed whenever one of your client systems
tries to access the Internet.
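
Added example, not part of turd's post or the quoted chapter: a small Python model of the Applications and Services rules described above, with an audit of the inbound-exposure caveats the text raises (services open to the Internet, demand-dial links, DHCP-assigned targets). The class names, function names and sample rules are hypothetical and only illustrate the logic; they are not a Windows 2000 API.

```python
import ipaddress
from dataclasses import dataclass

# DHCP scope from the walkthrough: 192.168.0.2 to 192.168.0.254
DHCP_FIRST = ipaddress.IPv4Address("192.168.0.2")
DHCP_LAST = ipaddress.IPv4Address("192.168.0.254")

@dataclass
class Application:            # Applications tab: traffic leaving the LAN
    name: str
    remote_port: int
    proto: str                # "TCP" or "UDP"

@dataclass
class Service:                # Services tab: traffic entering from the Internet
    name: str
    port: int
    target: str               # internal host name or IP address

def outbound_allowed(apps, port, proto):
    """Nothing is routed outward unless an application rule matches."""
    return any(a.remote_port == port and a.proto == proto for a in apps)

def redirect_target(services, port):
    """Internal host an inbound connection on `port` is sent to, or None."""
    return next((s.target for s in services if s.port == port), None)

def in_dhcp_scope(target):
    try:
        ip = ipaddress.IPv4Address(target)
    except ValueError:        # a host name, not an address
        return False
    return DHCP_FIRST <= ip <= DHCP_LAST

def audit(services, demand_dial, clients_use_dhcp):
    """Flag the inbound-exposure caveats the walkthrough mentions."""
    findings = []
    for s in services:
        findings.append(f"{s.name}: port {s.port} is open to the Internet, redirected to {s.target}")
        if demand_dial:
            findings.append(f"{s.name}: unreachable while the demand-dial link is down")
        if clients_use_dhcp and in_dhcp_scope(s.target):
            findings.append(f"{s.name}: target {s.target} is a DHCP-range address, use the host name")
    return findings

# Constructed sample configuration (not taken from the thread)
SAMPLE_APPS = [Application("dns", 53, "TCP"), Application("http", 80, "TCP")]
SAMPLE_SERVICES = [Service("http", 80, "192.168.0.10")]
```

An empty Services list produces no findings, which matches the chapter's advice to leave that tab blank unless outside access is really needed.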

frodoski
02-05-03, 08:44 PM
What you need to do is check the help file for Routing and Remote Access (RRAS). The help files in Win2K do a fair job of guiding you in the setup of RRAS.

Shadow ÒÓ
02-06-03, 01:46 AM
Originally posted by FlypSyde
What's the point of doing that? It's not like surfing the internet through your computer connected to broadband is gonna speed it up for you since you're still only connecting through 56k.

umm.......if I'm traveling around town with my laptop, and I need internet, I don't have to pay for a dial up service? :rolleyes:

turd, that's exactly what I needed to know. Thanks bud!

FlypSyde
02-06-03, 09:51 AM
umm.......if I'm traveling around town with my laptop, and I need internet, I don't have to pay for a dial up service?

It would be easier just to sign up with Juno. But doing it this way is more geeky and you learn something in the process. :D

AMD'er
02-06-03, 06:03 PM
Originally posted by FlypSyde


It would be easier just to sign up with Juno. But doing it this way is more geeky and you learn something in the process. :D

but this way is much more cost effective...plus it will give him access to the rest of his machine at home...and there are many other perks involved...