Connecting Your Network to the Internet.docx
《Connecting Your Network to the Internet.docx》由会员分享,可在线阅读,更多相关《Connecting Your Network to the Internet.docx(16页珍藏版)》请在冰豆网上搜索。
ConnectingYourNetworktotheInternet
OperatingSystem
ConnectingYourNetworktotheInternet
DeploymentScenario
Abstract
Intoday’sbusiness,beingconnectedtothemarketplaceandtoyourcustomersmeansgettingconnectedtotheInternet.Windows2000makesiteasiertosecurelyconnectyournetworktotheInternet,enablingyouremployeestoaccesstheinformationtheyneed.ThisguideoutlinesthestepstoprovidesecuresharedInternetaccesstoMicrosoft®Windows®2000-basedclientsthataredirectlyattachedtoamedium-sizedprivatenetwork.
©2000MicrosoftCorporation.Allrightsreserved.
TheinformationcontainedinthisdocumentrepresentsthecurrentviewofMicrosoftCorporationontheissuesdiscussedasofthedateofpublication.BecauseMicrosoftmustrespondtochangingmarketconditions,itshouldnotbeinterpretedtobeacommitmentonthepartofMicrosoft,andMicrosoftcannotguaranteetheaccuracyofanyinformationpresentedafterthedateofpublication.
Thiswhitepaperisforinformationalpurposesonly.MICROSOFTMAKESNOWARRANTIES,EXPRESSORIMPLIED,INTHISDOCUMENT.
Complyingwithallapplicablecopyrightlawsistheresponsibilityoftheuser.Withoutlimitingtherightsundercopyright,nopartofthisdocumentmaybereproduced,storedinorintroducedintoaretrievalsystem,ortransmittedinanyformorbyanymeans(electronic,mechanical,photocopying,recording,orotherwise),orforanypurpose,withouttheexpresswrittenpermissionofMicrosoftCorporation.
Microsoftmayhavepatents,patentapplications,trademarks,copyrights,orotherintellectualpropertyrightscoveringsubjectmatterinthisdocument.ExceptasexpresslyprovidedinanywrittenlicenseagreementfromMicrosoft,thefurnishingofthisdocumentdoesnotgiveyouanylicensetothesepatents,trademarks,copyrights,orotherintellectualproperty.
Microsoft,ActiveDirectory,Windows,WindowsNTandtheWindowslogoareregisteredtrademarksofMicrosoftCorporation.
Otherproductorcompanynamesmentionedhereinmaybethetrademarksoftheirrespectiveowners.
MicrosoftCorporation•OneMicrosoftWay•Redmond,WA98052-6399•USA
0200
Contents
Introduction1
ScenarioRequirements2
ScenarioTasks2
InternetCOnnectionSetupTasks3
Overview3
EstablishinganInternetaccountwithanISP3
ConfiguringWindows2000ServerforInternetAccess4
AssigningIPaddresses4
ToEnableRouting6
CreatingaDedicatedInternetConnection7
CreatingaDemand-DialInternetConnection7
DemandDialInternetconfiguration10
UpdatingthelocalDNSserverforInternetnamingresolution12
Conclusion15
Summary16
ForMoreInformation17
Windows2000WebSiteResources17
Introduction
Intoday’sbusiness,beingconnectedtothemarketplaceandtoyourcustomersmeansgettingconnectedtotheInternet.Microsoft®Windows®2000makesiteasiertosecurelyconnectyournetworktotheInternet,enablingyouremployeestoaccesstheinformationtheyneed.Connectingamedium-sizedofficenetworktotheInternethastraditionallybeenadifficultprocessrequiringseparatemachinesandextensiveknowledgeofnetworkdevices.Formany,makingaconnectiontotheInternetseemedcostlyanddifficulttomanage.
WithWindows2000Server,makingaconnectiontotheInternetiseasy,secure,andcanbeaccomplishedwithrelativelyinexpensivehardwareandbasicInternetserviceprovider(ISP)services.
Thisguideisintendedforusersofmedium-sizedWindows2000domain-basednetworkswhowanttosetupInternetaccessandshareitwithlocalareanetworkclients.Itassumesabasicunderstandingofdomain-basednetworks,DomainNamingServices(DNS),andDynamicHostConfigurationProtocol(DHCP).ThisguideisnotintendedasacomprehensivereviewofallroutingfeaturesofWindows2000,rather,itisafocusedguideofthebasicInternetgatewaycapabilities.
ScenarioRequirements
ThisdocumentwillwalkyouthroughsettingupaWindows2000-basedserverasanInternetconnectionserverthatsharesaccesswithalocalareanetwork.Thisguidebuildsonthenetworkconfigurationinthe“UpgradingaWindowsNTDomaintoWindows2000ActiveDirectory”deploymentscenarioguide.(Itshowshowtoconfigureasingledomain-basedWindows2000networkwithDNSandDHCPservicesenabled.)
ToconnecttotheInternet,thisguideassumesyouhaveanactiveaccountwithanISPandaphysicalconnectiontotheInternet.Thiscouldbeadial-upconnection,likeananalogmodemorISDN,oradedicatedconnectionlikeacablemodemorDigitalSubscriberLine(DSL).
ToconfiguretheserverforInternetaccesssharing,youwillneedtoinstalltheRoutingandRemoteAccessServices(RRAS)thatisincludedwiththeOptionalWindows2000componentspackage.ToinstallthiscomponentonyourWindows2000Server,clickStart,pointtoPrograms,pointtoAdministrativeTools,clickConfigureyourserver,clickNetworkingandclickRouting.FollowtheinstructionsonthispagetoinstalltheRRAS.Youmusthavenetworkadministratorrightstoconfigurethissetup.
ScenarioTasks
Inthisguideyouperformthefollowingtasks:
SetupandManagementTasks
∙NetworksetupandconfigurationusingtheInternetConnectionservices.IncludesanoverviewofcommonISPauthenticationissuesincurredwhenusingthewizard.
∙ConfigurationandsetupofRoutingandRemoteAccessServiceedgeofnetworkgateway
InternetCOnnectionSetupTasks
Overview
RoutingandRemoteAccessService(RRAS),integratedinWindows2000Server,providesavarietyofcapabilitiessuchasconnectingremoteusers,connectingofficenetworks,andconnectingnetworkstotheInternet.ThisguideshowsyouhowtoconfigureyourWindows2000ServertoprovideabasicoutboundconnectiontotheInternetthatcanbesharedwithothercomputersonyourinternalnetwork.
TosetupyournetworkforInternetaccess,youneedto:
1.EstablishanInternetaccountwithanISP.
2.ConfigureWindows2000ServerforInternetaccess.
3.UpdateyourlocalDNSserverforInternetnamingresolution.
EstablishinganInternetaccountwithanISP
YoumustestablishanaccountwithanInternetserviceprovider(ISP)toaccesstheInternet.AnISPprovidesthefollowinginformationtoconfigureyourserverandnetworkenvironment:
∙Accountusernameandpassword.Usedforauthenticationpurposes.
∙AssignedIPAddress.ThisisyourpublicIPaddressassociatedwithyouraccount.Thiscanbestaticallyordynamicallyassigned.
∙ISPDNSServerAddress.UsedtoforwardDNSrequestsforInternetnamestotheISP’sDNSserver.
∙ModemAccessNumber.TheISP’saccessnumberifyouareconnectingthroughdemanddial.
Note:
IfyouplantohostaWebserveroraremoteaccessserver,youneedtorequestastaticIPaddressorhaveanISPthatsupportsDynamicDNS.OutboundInternettrafficwillworkwithadynamicallyassignedIPaddressbutexternalcomputerswillnotbeabletoconnecttoyournetworkovertheInternet.
BeforeyousetupInternetsharing,checkwithyourISPaboutanylicensinglimitationsonsharedaccessthroughasingleISPconnection.
ConfiguringWindows2000ServerforInternetAccess
SelectacomputeronyournetworkdomainthatwillperformastheInternetconnectionserver.ThiscomputerrequiresWindows2000ServerwithRoutingandRemoteAccessServices(RRAS)installedandtwonetworkconnections:
onetotheinternalnetworkandonethatwillconnecttotheInternet.TheinternalconnectionshouldbeaNetworkInterfaceCard(NIC)whiletheexternalconnectioncaneitherbeaNICoramodem,dependingonthetypeofconnectionrequired.
AssigningIPaddresses
Ifyourserverisalreadyconnectedtothenetwork,theInternalNICshouldalreadyhaveanIPaddressthatwasdynamicallyassignedbythelocalDHCPserver.BecausethisserverwillbeusedastheInternetConnectionServer,youwillneedtoassignastaticIPaddresstotheInternalNIC.ThisstaticIPaddressshouldbeselectedfromtheDHCPExcludedAddressRangedefinedintheDHCPNewScopeWizard,explainedin“UpgradingaWindowsNTDomaintoWindows2000ActiveDirectory”deploymentguide
Tocommunicatetheserver’snewroleasanInternetgatewaytoallclientsonthenetwork,youwillalsoneedtoaddthisstaticIPaddresstotheRouter(DefaultGateway)listintheNewScopeWizard.
Forthisguide,weassumethattheInternalNICisassignedareservedstaticIPAddressof10.10.1.90.WealsoassumethattheISPassignedastaticpublicIPaddressof169.254.0.20toyourcompany.ThepublicIPaddressshouldbeassignedtotheexternalInternetconnection.ToassignIPaddressestoNICs,
4.SelectStart,pointtoSettings,pointtoNetworkandDialUpConnections,rightclickthenameofthenetworkinterface(InternalConnection)andselectProperties.
5.IntheGeneraltab,selectTCP/IPandclickProperties.ClickUsethefollowingIPaddressandtypeintheassignedIPaddress.ClickOKtoacceptthechanges.
6.RepeatthesestepsfortheExternalInternetConnectionNICbutassignthestaticIPaddressprovidedbyyourISP.
Note:
WhenyouhavetwoNICsinstalledontheServer,youcanidentifytheInternalandExternalNICs.UnplugthenetworkconnectioncablesfrombothNICs.TakethecablethatisconnectedtoyourLANandplugitbackintoaNIC.RightclickMyNetworkPlacesandclickProperties.TheiconthatisilluminatedisyouractiveInternalConnectionsNIC.YoucanrenamethisNICbyrightclickingandselectingRename.
RRAScanbeconfiguredtoprovidethefollowingnetworkingservices:
∙InternetConnectionServerprovidessecureaccesstotheInternetforallclientcomputersonthelocalareanetwork.
∙RemoteAccessServerallowscomputerstoremotelyconnecttotheprivate
升级会员 