Re: [NTISP] Routing a subnet thru RRAS dialup line

Dale E. Reed Jr. ( (no email) )
Sat, 24 Jul 1999 05:36:14 -0700

Danny Sinang wrote:
> A customer dials into our NT server 4.0 machine running RRAS and gets a
> fixed or static IP address.
> Now he needs valid IP addresses for the PC's on his LAN.
> So this means I have to route through his dialup connection.


> I've successfully routed all the way from my upstream provider to my NT
> server. Now I need to tell my NT server to route through the dialup
> connection.

Thats the trick (see below).

> Problem is, you can't specify which interface you want to use in the "route
> add" command in NT. And even if there was a way, what is the name of the PPP
> interface that my customer dialed into ?

You don't need to. There are only two kinds of routes: next hop and
Default is everything you don't know. A next hop route is where you
an ip or subnet to be routed to an IP address KNOWN to your router (NT).
Its not legal to route to an IP that isn't known, and by known I mean
an IP address in the subnet of one of your ethernet interfaces.

Here is a section from my 1995 (wow, that was a while ago) set of NT
FAQS that I use to keep. The comments from the guy below were about NT
not NT 4. AFAIK, you don't have to add the routes on NT4 to get this to

> Q4C-1: How do I enable IP routing between a
> WindowsNT PPP/SLIP connection to the internet and the local IP
> subnet?
> Do not use the same IP address for the local ethernet card and
> the RAS PPP to PPP link. The local ethernet card should have an
> IP assigned from you local subnet, and the PPP IP address should
> be assigned from the Internet providers subnet you are dialing into
> using RAS.
> Enabling Routing of IP Packets on RAS Clients for NT:
> \HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
> IPEnableRouter
> REG_DWORD:0x1 Enables IP routing
> REG_DWORD:0x0 Disables IP routing
> You must set the DisableOtherSrcPackets registry entry on RAS clients
> if you want to route IP packets through that RAS client. This parameter
> only affects forwarding of packets on the client side--this does not
> affect the server.
> Note: (I could not find this entry so I assume you must add it.)
> The registry path for this entry is:
> \HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RasArp\Parameters
> DisableOtherSrcPackets
> REG_DWORD:0x1 Disable IP packets from external sources
> REG_DWORD:0x0 Enable IP packets from external sources
> Controls the routing of IP packets with an IP source address other than
> the IP address of the RAS network adapter card.
> Set to 0 packets with source address other than the IP address of the
> RAS adapter will be sent.
> Set to 1 packets with source address other than the IP address of the
> RAS adapter will not be sent.
> Default: 1
> We received the following message from Carl Byington with comments
> on the use of Windows NT as a TCP/IP gateway with IP routing enable.
> FROM: Carl Byington
> TO: Steve Scoggins
> DATE: 11/9/94 11:23 AM
> Re: Routing with PPP works!
> Well, it does work but there are some pitfalls.
> We have a class C internet network that is subnetted, and my part of it uses the subnet mask
> - that gives me 8 host addresses, 2 of which are loopback and broadcast so
> I can have 6 hosts on my subnet, although I currently have only two machines. My host
> addresses are .17 and .18 and the reserved ones are .16 and .23.
> The .18 machine is the secondary machine without a modem. The .17 machine is the primary
> machine with the modem and another IP address for the RAS link.
> The RAS link uses IP addresses .9 (the Unix end) and .10 (my end). Note that this puts the
> RAS link on a different network than my local ethernet.
> I have SYSTEM/CurrentControlSet/Services/RasArp/Parameters/DisableOtherSrcPackets set
> to 0 (I had to create this entry).
> I have SYSTEM/CurrentControlSet/Services/Tcpip/Parameters/IPEnableRouter set to 1.
> The configuration for .18 is
> default gateway = .17
> dns server address = .130
> The configuration for .17 is
> default gateway = .17
> dns = none
> The RAS configuration on .17 is
> require specific IP address = .10
> dns server address = .130
> use default gateway on remote network
> With that configuration, if I just boot .17, I can ping .18 but not .130 since we are not
> connected yet. After bringing up the RAS link, I can ping .130 and the rest of the world.
> HOWEVER, we are not done yet. Attempts to ping from .17 to .18 cause NT to die with the
> blue screen. This is on the 807 debug build from MSDNII.
> So we reboot .17 and this time set a static route to .18 with
> 'route add x.x.x.18 x.x.x.17'
> reconnect the RAS link and everything works like a charm. Both .17 and .18 can ping the
> world thru the RAS link, and both can run Mosaic. WHEE!!
> It seems that the 'use default gateway on remote network' setting in the RAS tcp/ip dialog
> overrides all the local routing unless you have static routes set. If the local network had a lot
> of machines, that would be a real pain. In my case, I can just have the startup group run a
> single route add command.
> The other problem is that the route add does not work unless you are logged in with
> administrator privileges, and it does not stick around between reboots. Therefore, after every
> reboot, you need to log in as administrator and reset the local static routes. If you fail to do
> this, then bringing up the ras link and pinging local machines kills your machine. Oh well, at
> least the consequences are severe enough that the training time is fairly small.
> Thank you very much for all your help with this!


Dale E. Reed Jr. Emerald and RadiusNT__________________________________________IEA Software, Inc.

For more information about this list (including removal) go to: