You are currently viewing Part 06 – Configuring Routing and Remote Access Service (RRAS)

Part 06 – Configuring Routing and Remote Access Service (RRAS)


In this article we will configure RRAS server. We will install the RRAS Role which will be responsible for NAT (Network Address Translation) between Private Network Adapter and External Network Adapter. The RRAS functionality provides different use case scenarios but in this case we will use only the NAT functionality.

The Setup

Our setup involves virtual machines that have only one network adapter (private) for communication amongst themselves. For internet access, we will utilize the Network Address Translation (NAT) capability within RRAS, which will convert the IP address from the Private Adapter to the External Adapter IP Address. All communication will be routed through the RRAS Server, which will handle IP Address translation.

With RRAS  we will achieve the following

  • Internet Access will be provided via an External Network Adapter.
  • Each virtual machine will have only one Private Network Adapter. IPs will be then routed to the External Switch which will provide the internet access.

You can found additional info on – GitHub


Internal Communication flow



Internet Access flow

Step 1: Assigning IP Addresses – RRAS Server

NDL-RRAS (RRAS server prepared in the previous blog post)

Firstly, we need to assign a static IP address to the private adapter within Windows. It’s recommended to rename the private and external adapters within Windows for easy recognition. If you’re unsure which adapter is private or external, add them separately and then rename them.

The RRAS server will function as a router, there’s no need to assign any IP Gateway. The device operates as a router and serves as the default gateway.

We will use a subnet mask class C, which provides 255 available IPs – more than sufficient for our LAB. We will add DNS after we prepare our domain.

Private Network


External Network

Secondly, assign an IP address for the external adapter within Windows. In this guide, we’re using DHCP which receives the IP from the Home Router.


Step 2: Installing and Configuring RRAS

Open Server Manager, click on ‘Add Roles and Features’, and add ‘Remote Access / Direct Access VPN’.


Select the routing role (including components such as IIS etc.) and install the RRAS Role.


After installation, we need to configure it. Right-click and configure RRAS. Choose a custom configuration. Select NAT functionality and start the service.


Choose a custom configuration.


Select NAT functionality and start a service.


Expand the IPv4 node. Right-click on NAT functionality and choose the new interface.

We need to add two interfaces:

  • External and check “enable NAT on this interface”.
  • Internal (Private) interface.






So basically, all requests for external communication will go through RRAS, which will translate IP addresses and enable connectivity to the internet.

Step 3: Functionality Test – Virtual Machine

Start a virtual machine that has Windows 11 installed. In this guide, we’re using NDL-MEJ. The virtual machine needs to have a Private switch assigned.

Assign IP Address. In my case, I  am using the following segment for clients:

  • –

Assign IP Default Gateway (RRAS IP Address). In my case

For the DNS address, we will use the Google DNS address ( We will change it after we prepare our domain.


Now, try to ping the RRAS Server


Now we will check access to the internet. We will use Tracert. It will show us the next hop to the target. In this example, the target is (Google). We can see that the next hop is to the RRAS Server and then to the physical router. That indicates that everything is working correctly.

See ya in the next blog post 🙂

Github repository – Microsoft Home Lab

Leave a Reply