Windows 9x clients -> ISDN router -> ISDN connection -> ISDN router -> Windows NT server.. HELP!!

[Valhalla1]

A buddy of mine works for a small contract computer company, going to sites here in town and installing computers/networks, etc.


They've run into a little trouble and my friend asked me for help, but I'm a little stumped on what to tell him. Here's the setup:

There are several windows 95 clients at one location here in town. They have at that site a Windows NT server (and I think a Novell server?). They are wanting (don't know why) to move the servers to another location here in town, but to be able to login and access shares on the NT server from the Windows 95 clients.


At first they wanted to put a DSL or cable connection between them, but it was unavailable at the server location, so they decided on ISDN. They have purchased 2 Cisco ISDN routers (not sure of which ones exactly, 700 series I THINK).

They want to be able to login to the NT server from their location, and use dial on demand routing over the ISDN connection, having it dial up the server when needed.

As far as I know, the ISDN connection is up and running fine, they need to now configure the server and clients to use this connection.


so.. will I need to install RAS on the NT box? I researched a teensy bit on RAS and only read how to make it an actual dialup server with a modem, but that is not needed for this situation.


Or will the link be completely transparent to the server and client?

how will the link be initiated? Basically they want to see their NT server in "network neighborhood" on the clients, but not have the link initiated every time net neighborhood is opened. Just when they need to access the shares.


If I'm picturing this in my mind correctly, I see it as when the link is up, it will be just as if the server and clients are plugged into the same switch, but when the link is down, the servers and clients will be alone in their "network neighborhood's". And on the client end they will have to initiate the link somehow when they want to acccess shares. is this basically correct? or will RAS or something similar need to be installed on the NT 4 server?

 

[Valhalla1]

Also, I believe the customers are interested the possibility of using VPN over the link, but my friend told me apparently the cisco ISDN routers they have purchased don't support VPN. Is there any way around this?

 

[Valhalla1]

 

[macssuck]

I thought that since the ISDN line goes directly from one site to the other you did not need VPN?

 

[striker99]

I don't understand why the Cisco ISDN router doesn't support a VPN. There are VPNs such as the VPNET product, http://www.vpnet.com/products/vsu3.0.htm, that support ISDN. I don't know why the Cisco router wouldn't work with this. There's a market survey of VPN solutions at http://www.8wire.com/article_render/?aid=1312.

 

[CTR]

1. Since this is in town, why do they want dial-on-demand routing? Are they paying per-minute charges on their ISDN?

2. The Cisco 700-series router is targeted at home users. Not a business-class router. Doesn't even run Cisco IOS. So don't expect much from these cheapo boxes. Cisco 800 would be a much better choice.

3. You don't need to do any kind of RAS. Every client and server will use the IP of the router as their default gateway. The routers will be configured to dial into each other.

4. Be aware that login and file access across the WAN will be EXTREMELY slow.

5. Create an LMHOSTS with #pre and #dom entries and keep it distributed and updated religiously. WINS is going to be slow across an ISDN link.


I've done this before for clients, but not with those 700 routers.

 

[Valhalla1]

1. Since this is in town, why do they want dial-on-demand routing? Are they paying per-minute charges on their ISDN?


Not sure, I will find this out today.

2. The Cisco 700-series router is targeted at home users. Not a business-class router. Doesn't even run Cisco IOS. So don't expect much from these cheapo boxes. Cisco 800 would be a much better choice.


They had originally gone with a cheap webramp (I think?) home ISDN router, which they quickly found to be sub par. So they went with an entry level Cisco ISDN router. I knew it didn't run IOS, but uses set-based config commands, I haven't gotten to see the router yet, but that's what I gathered from my friend.


3. You don't need to do any kind of RAS. Every client and server will use the IP of the router as their default gateway. The routers will be configured to dial into each other.

This is good news, it was what I expected (about not having RAS). Another thing, I failed to even think about before, is that the clients will have to log in to the NT server, so I guess the connection will have to be up more often than not. I hadn't even thought about that yet.


4. Be aware that login and file access across the WAN will be EXTREMELY slow.


Yes, but better than 56k! Cable and DSL were unavailable at their location on the edge of town, and they were not prepared to pay for frame relay or a fractional T1


5. Create an LMHOSTS with #pre and #dom entries and keep it distributed and updated religiously. WINS is going to be slow across an ISDN link.
I am familiar with LMHOSTS files for Windows TCP/IP, #pre pre-loads or chaches the entry, correct? #DOM is a domain entry, how would these entries work in the LMHOSTS file?


thanks to all for the help...

 

[CTR]

<< I am familiar with LMHOSTS files for Windows TCP/IP, #pre pre-loads or chaches the entry, correct? #DOM is a domain entry, how would these entries work in the LMHOSTS file? >>



What do you mean? It sounds like you know how to use LMHOSTS. Create #pre entry for everyones computer as well as a #pre and #dom for the server, so you won't have to wait for WINS to figure it out. I'm assuming you don't have too many clients or a weird DHCP config. It's been a while since I had to do this, thankfully, so maybe somebody else will have some good LMHOSTS tips for you.

 

[Valhalla1]

well, I know the general structure of an LMHOSTS file.

but not details..

but I think I'll be able to handle it.

thanks

 

[Valhalla1]

just to confirm :


In TCP/IP setup for Win9x clients : ip address 192.168.0.x, default gateway set to 192.168.0.1 (eth interface address for ISDN router)

TC/IP setup for Win NT server: ip address 192.168.0.x, defaut gateway set to 192.168.0.2 (eth interface address for second ISDN router)

the router configs will be set to dial the other when the link is needed. I know you can configure the router so that the link isn't brought up every time a network broadcast is sent. When you open up &quot;network neighborhood&quot; in Windows, from what I understood, this is NetBIOS traffic running over tcp/ip, is this broadcast traffic? I assume it floods the network with NetBIOS queries. Therefore the routers won't bring up the link since its broadcast traffic, and then the NT server won't show up in their network?


Or, say it does show up, but the link only comes up when you attempt to access shares on the server?

 

[CTR]

First of all, you need two different IP networks. I suggest 192.168.0.0/24 for site A, 192.168.1.0/24 for site B. The Eth0 interfaces can have the first address of the subnet, 192.168.0.1 and 192.168.1.1. The default gateway for all clients (and servers) at site A is 192.168.0.1, and site B default gateway is 192.168.1.1.

Next I suggest that you use a /30 subnet for the BRI or Dialer interfaces on the routers. For instance, use 192.168.255.0/30. This makes site A BRI interface = 192.168.255.1/30, and site B BRI interface = 192.168.255.2/30. A default route should be set on each router such that: site A default route = 192.168.255.2, and site B default route = 192.168.255.1.

You are correct about Microsoft's TCP/IP stack -- it includes support for encapsulation of NETBIOS. You can use this to your advantage with your LMHOSTS file. When you precache, you avoid waiting for broadcasts. So when you precache your PDC on each client, you will be able to login across the WAN.

As to whether or not broadcast traffic will bring up your ISDN link, it depends on your router configuration. Most dial-on-demand configurations ignore or filter out NETBIOS broadcasts. But if you are not paying any per-minute ISDN charges none of this matters since the link can stay up 24/7 without any extra expense.

Hope this helps you out.

 

[Valhalla1]

alright, thanks for the tips. They want me to help them out this weekend getting this up and running.

the only other stumbling block I'll face is the Netware server. I have no experience with Novell, and I don't know how they have the network set up since it has both TCP/IP and IPX servers.

but I took about a 2 hour training course on the Cisco 700 series routers (part of a computer based training program I have at work). And now I know more than I'll ever want to know about the 776M routers they have.

 

[CTR]

IPX -- don't be afraid! It is a routable protocol just like TCP/IP. And they can co-exist peacefully.

Seriously, IPX uses a network number you define, plus the MAC address of the device to generate the IPX address. So you will need to configure IPX routing on your routers, and pick out an IPX network number (use a hex number between 1 and FFFFFFFe) for the new site. Everything after that should be pretty much default. IPX routers find out about each other using a protocol called SAP (Service Advertising Protocol). I've never implemented IPX routing on a 776, but it sounds like you're learning fast. You can even enable a little point-to-point IPX network between the BRI interfaces, just like you did with the TCP/IP configuration I suggested (use hex number BADBEEF for fun).

Novell login scripts running across a slow WAN link will absolutely CRAWL. So make sure login scripts are optimized for the users on the remote side of the link.

 

[Valhalla1]

Now, will having the clients and the server on seperate IP networks have any effect on login and/or &quot;seeing each other on the network&quot; as far as the users are concerned?

 

[CTR]

For the NT network, the LMHOSTS file will take care of the clients seeing the server and domain. For Netware, you have to set the tree (4.x or above) or server name on the PC's Novell Client settings. When you login, the IPX client will broadcast a query to find the IPX address of the server/tree, and will be answered by the local IPX router which has that server/tree information in its SAP table.

 

[Valhalla1]

dammit.. I knew that. lol.. I think


Now I wish I'd hit on the IPX a little harder before taking my CCNA. 'course my test had little on IPX anyway. And the CCNP switching test I've taken so far had no ipx either.

thanks man, you're the &quot;leetest&quot;.

 

[Valhalla1]

UH OH...

just got off the phone with my friend, we're supposed to go in tomorrow and set this thing up.

but I found out that he didn't have the router connection up yet. He says they have a circuit-switched service plan. Not really sure, but it seems to me that the router can only call the service provider's #, so all the WAN traffic for this company is going to be routed thru the provider's gateway, is this correct?

and is this the way we need to set it up?