© 2024 SkillPoint IT. All rights reserved.
Module 10: Configuring a Windows Server as a Router: Enable Routing, NAT & LAN-to-WAN Access
Configuring a Windows-based server as a router allows the server to forward traffic between multiple network interfaces using RRAS (Routing and Remote Access Service). It enables routing, NAT, and firewall functionality, effectively turning the server into a basic software-based router.
Steps to Configure a Windows Server as a Router (RRAS):
1. Install the Remote Access Role
Go to:
Server Manager → Add Roles and FeaturesSelect:
Remote Access
Subcomponents:
Routing
DirectAccess and VPN (RAS)
2. Enable Routing and NAT in RRAS
Open RRAS from
Administrative ToolsRight-click your server → Configure and Enable Routing and Remote Access
Choose Network Address Translation (NAT) or Custom Configuration
Select:
LAN Routing
NAT if you want Internet sharing
3. Add and Configure Routing
Go to IPv4 > Static Routes in RRAS
Add custom routes as needed to manage inter-subnet traffic
Use Routing Protocols (RIP) if dynamic routing is required
4. Enable NAT (Optional)
Go to IPv4 > NAT
Right-click External Interface → Properties
Check Enable NAT on this interface
Right-click Internal Interface → Properties
Select Private interface connected to private network
Overview of Routers and Routing Tables
- Router Functions
- Routing Tables
- To Display the IP Routing Table on a Computer Running Windows 2018, Use the Route Print Command
Configuring Network Connections in Windows Server: IP Settings, Interfaces & Advanced Options
Configure Network Interfaces
Ensure the server has at least two NICs:
One for internal (LAN)
One for external (Internet/WAN)
Assign static IPs:
External: Public IP or connected to ISP/modem
Internal: Private IP (e.g., 192.168.x.x)
Steps to Configure Network Connections in Windows Server:
1. Open Network Settings
Go to:
Control Panel → Network and Sharing Center → Change adapter settings
(Or usencpa.cplin Run)
2. Assign Static IP Address
Right-click your network adapter → Properties
Select:
Internet Protocol Version 4 (TCP/IPv4) → Click Properties
Choose:
🔘 “Use the following IP address”
IP address: e.g.,
192.168.1.10Subnet mask:
255.255.255.0Default gateway: e.g.,
192.168.1.1
🔘 “Use the following DNS server addresses”
Preferred:
8.8.8.8Alternate:
8.8.4.4
3. Rename Network Interfaces (Optional for Clarity)
Go to adapter settings
Right-click > Rename (e.g.,
LAN,Internet,DMZ)
4. Enable or Disable Adapters
Right-click adapter → Disable or Enable
Useful for configuring redundant paths or isolating networks
- Configuring Network Connection Names
- Configuring Network Connection Names
- To Display the IP Routing Table on a Computer Running Windows 2018, Use the Route Print Command
- Configuring IP Settings for a Network Adapter
- Configuring Settings for a Network Connected to the Internet
- Configuring Settings for a Private Network
- Verifying the Address Relationship
Enabling Routing Using RRAS in Windows Server: Static Routes, NAT & LAN-WAN Connectivity
Enabling routing using Routing and Remote Access (RRAS) in Windows Server allows the server to forward network traffic between interfaces. It supports static routing, NAT, VPN, and dynamic routing protocols for internal and external connectivity.
- To Configure Routing
- Configuring Settings for a Network Connected to the Internet
- Select the Network router configuration option
- Verify that the network protocols required for routing are available
- Select the demand-dial option, if applicable
- Select the method for assigning IP addresses to remote clients
Configuring Static Routes in Windows Server: Step-by-Step Using RRAS & PowerShell
Configuring static routes in Windows Server allows network traffic to be manually directed through specified gateways. It’s useful for multi-network environments, internal routing, and traffic optimization when using Routing and Remote Access (RRAS) or PowerShell.
How to Configure Static Routes in Windows Server:
Method 1: Using RRAS (Routing and Remote Access Service)
Prerequisite:
Ensure RRAS is installed and configured for LAN routing.
Steps:
Open:
Routing and Remote Access (RRAS)consoleGo to:
IPv4 → Static RoutesRight-click → New Static Route
Enter:
Interface: Choose correct NIC (e.g., “LAN”)
Destination: e.g.,
10.0.0.0Network Mask: e.g.,
255.255.255.0Gateway: e.g.,
192.168.1.1Metric: e.g.,
1(lower = higher priority)
Click OK and verify route is added.
Method 2: Using PowerShell
Run PowerShell as Administrator and use the following:
powershell
New-NetRoute -DestinationPrefix "10.0.0.0/24" -InterfaceAlias "Ethernet" -NextHop "192.168.1.1"
Replace:
10.0.0.0/24with your destination network"Ethernet"with the correct interface name192.168.1.1with the next-hop/gateway
Method 3: Using Command Prompt (Legacy Option)
CMD/Bash
c:/route add 10.0.0.0 mask 255.255.255.0 192.168.1.1 metric 1 if 13
Find interface number via
route printAdd
-pto make the route persistent across reboots:
CMD/Bash
c:/route -p add 10.0.0.0 mask 255.255.255.0 192.168.1.1
- Examining a Static Routing Table
- Adding a Static Route
Lab A: Configuring a Routing Interface
- Routing Interfaces in Routing and Remote Access
- LAN Interfaces
- Demand-Dial Interfaces
- IP-in-IP Tunnel Interfaces
- Packet Filtering
- Packet Filtering
- LAN Interfaces
- Demand-Dial Interfaces
- IP-in-IP Tunnel Interfaces
- Configuring Filters on an IP Routing Interface
- Select an interface
- Specify an input or output filter
- Specify a filter action
- Configuring Filter Settings on an IP Routing Interface
- Identify the source network
- Identify the destination network
- Select the protocol
Implementing Demand-Dial Routing
- Overview of Demand-Dial Routing
- Configuring Demand-Dial Connections
- Configuring Connection Settings
- Configuring Ports to Allow Demand-Dial Connections
- Creating a Demand-Dial Interface
- Configuring IP Addressing for Inbound Demand-Dial Connections
- Configuring IP Address
- Configuring Demand-Dial Filtering
- Configuring Dial-Out Hours
- Configuring Static Routes for a Demand-Dial Interface
- Adding Static Routes
- Testing Static Routes
Configuring the Routing Information Protocol
- Routing Protocols
| RIP | OSPF |
|---|---|
 | |
| For small to medium internetworks | For large, heterogeneous internetworks |
| Uses a routing table | Uses a link state database |
| Easier to configure and manage | Complex to configure and manage |
| Does not scale well | Operates efficiently in large networks |
| Contains a reference to an installation point where product files reside | |
- RIP Operation
- Adding the RIP Protocol
- Adding an Interface to Support RIP
- Configuring Route Filtering
- Configuring RIP for a Non-Broadcast Network
Lab: Configure Windows Server 2019 as a LAN Router Using RRAS
This lab demonstrates how to configure Windows Server 2019 as a router using Routing and Remote Access (RRAS) to route traffic between two networks or provide NAT for internet access.
Lab Requirements:
Windows Server 2019 installed
Two configured NICs:
NIC 1: Connected to Internal LAN (e.g., 192.168.10.1)
NIC 2: Connected to External network or second subnet (e.g., 10.0.0.1 or internet)
Administrator privileges
Lab Steps:
Step 1: Assign Static IP Addresses
Go to
Control Panel → Network and Sharing Center → Change Adapter SettingsAssign:
NIC 1: IP
192.168.10.1, subnet255.255.255.0NIC 2: IP
10.0.0.1, subnet255.255.255.0or auto from ISP/DHCP
Step 2: Enable IP Routing
Open PowerShell as Administrator:
This is an Alert
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" -Name "IPEnableRouter" -Value 1
Restart the server or use:
This is an Alert
Restart-Service RemoteAccess
Step 3: Install RRAS Role
Open Server Manager → Add Roles and Features
Select:
Role-based installation
Remote Access
Under Role Services, select:
✅ Routing
✅ (Optional) NAT, VPN (RAS)
Step 4: Configure Routing in RRAS
Open:
Routing and Remote AccessRight-click server name → Configure and Enable Routing and Remote Access
Choose:
Custom Configuration
Check LAN Routing (and NAT if needed)
Finish and start the RRAS service
Step 5: Test Static Routing
On a PC in 192.168.10.x subnet:
Set gateway to
192.168.10.1(the server)
Ping a PC in 10.0.0.x (or the internet if NAT is configured)
Step 6: (Optional) Configure NAT for Internet Access
In RRAS console, go to
IPv4 → NATRight-click the external interface → Properties
✅ Enable NAT
Right-click internal interface → Properties
🔘 Mark as private
Add comment