"Marc" <Marc@xxxxxx> wrote in message
> One thing though, the Host machine is visible on the Corp Network.
> Thanks, Marc
Yes, the host machine is not the problem. If you make a dialup type
connection from this server, the corp VPN server will have a host route back
to it through the tunnel. But that is the real problem - it is just a host
route to that machine. It will not route traffic for your guests behind this
machine. This really has nothing to do with virtual machines. That is the
way VPN connections work.
With remote sites, the solution is to use a site-to-site VPN link.
Instead of a dialup type connection, you have a router to router connection
(ie you need a router at each end which can do subnet routing through the
tunnel). That doesn't really fill the bill for you because what you are
running is a mini-site of virtual machines within your site!
If you could run NAT on the server to use the VPN connection as its
"public" interface, things would work. All traffic from the vms going to the
corporate LAN would be using the server's IP address and would be routed
correctly. That is pretty tricky to set up.
To configure RRAS as a NAT router you need the connection to appear in
RRAS as an interface. A standard dialup connection doesn't do that. You
would need to set up a demand-dial interface and establish the connection
through that. (You do not need to use the dial on demand feature. You just
need the interface associated with the connection).
Now you can configure NAT using the dd interface as the public interface
and the loopback adapter as the private interface. Your vms are now routed
to the corporate network through NAT rather than to your local network (as
they were when the public interface of NAT was the NIC in the host).
This is a bit esoteric, so if you want to take it offline you could
email me at
grantaw at aliencamel dot com