Connecting Two NT Networks
  
Dear Mole,
  
I am hoping you can help me win an argument. A customer of mine who has two NT networks some kilometers apart and wishes to connect them together to share data across both networks. My competitor says that the only way to do this is by adding two Linux boxes to act as gateways. I insist (perhaps foolishly) that the two servers can be connected directly and allow all users to have access to both servers. 
So OK I am told to prove it. 
I have set up two test servers to prove my point (I hope). 
I have downloaded RRAS and installed it. Now my questions. 
1. What services need to be installed under Network in control panel. 
2. Both networks have different domain names. Do you need to set up a trust relationship or is the granting of dial in permission in User Manager sufficient. 
3. What TCP/IP address would be best to use. Currently Server_North is set to 192.168.100.10 with a subnet of 255.255.255.0. Server_South is set to 192.168.200.10 with subnet of 255.255.255.0. Server_north has 8 clients Server_South has 3 clients. 
4. The default gateway is set to the same address as the servers. Is this OK. 
I have read Demand Dial Routing - MS Windows NT 4.0 with RRAS but not been able to solve my problem (and big mouth, but I just could not let them use Linux). All help, directions and support greatly appreciated in advance. 
Regards
Andrew Lee 

Dear Andrew,
  
You win. It is possible to "join" two remote NT networks so that users from each domain can access the resources of each domain. An honest Mole must note, however, that "possible" in this case does not mean "easy." Nor would it be any easier with Linux than it is with Microsoft products. The fault, dear Andrew, is not in the operating system but in the router, a nifty technology but not a mature one. 
As to your specific questions, you’re playing in the right ballpark when you choose RRAS. All the services you need to perform your network join are automatically installed when you install RRAS. 
As to trust relationships: If you want users in domain A to be able to access resources in domain B and users in B to access resources in A, then you will need to set up two trust relationships. On domain A, where A trusts B and on domain B, where B trusts A. 
Now things get a little murkier, in part because you’ve not specified what version of NT is installed on each of your servers, and which Service Pack versions. The gateway settings may cause headaches, and it’s hard to troubleshoot without the specific info. One way to track your demons is to see if you’re getting errors logged in the Event Viewer that pertain to RRAS or TCP/IP. If you are, take that information to the Knowledge Base and start digging. 
Mole’s found a couple of pretty good Knowledge Base articles that describe several scenarios and suggest things to verify when configuring two networks to access each other over RRAS. 
·Q200834: How to Use OSPF with RRAS Demand-Dial and VPN Connections describes how to implement Open Shortest Path First (OSPF) over Routing and Remote Access Services (RRAS) Dial-on-Demand (DOD) connections. The implementation of this protocol is the same for both direct-dial modem connections and virtual private network (VPN) connections over the Internet. 
·Q178993: How to Use Static Routes with Routing and Remote Access Service explains how to add static routes to a computer running Windows NT Server and the Routing and Remote Access Service (RRAS) Update or Windows 2000, so that it can route packets to a remote network. The information in this article only pertains to those environments where no routing protocols are configured, such as Routing Information Protocol (RIP) or Open Shortest Path First (OSPF). 
·Q205027: Dead Gateway Detection with RRAS and Demand Dial Connections describes in detail the operation of Dead Gateway Detection (DGD) and its interaction with the Routing and Remote Access Service (RRAS) Update. 
Then there’s Mole’s own archive. In the January 17 column, I address a couple of RRAS inquiries in depth. In addition to that, you’ll want to search the Knowledge Base for any fixes to RRAS implemented in Service Packs newer than the ones you have installed. And don’t forget to study up on the RRAS release notes, in the "README.DOC" file that comes with RRAS. Lots about services there. 
Finally, here’s some feedback for you from one of those late night Mountain Dew guzzling sessions in subterranean Microsoft. It is the consensus of Mole’s colleagues that, assuming you are a seasoned IT pro, you will most likely get within one support call of winning your bet, and that call will be a short one. Considering that 1) there are dozens of hefty tomes in the computing section of Amazon.com exclusively devoted to RRAS configuration, and 2) Cisco (responsible for 80% of Internet routers) Support will only talk to you at all if you’re a Cisco-certified specialist, Mole figures this is really pretty good. 
Of course, if you’re a real hotshot, you may not need to make the call. 
Let Mole know. 
BackTalk