Jump to content
Forum²

Recommended Posts

Posted

OS: Windows Server 2008 R2 SP1

Role: RRAS

NIC: 1

Domain: No (Standalone)

 

 

Hello

 

I have searched around the net for other users who have had similar issues as I am experiencing now, but I was unable to gather the actual resolutions to the problems and apply them to mine. So here I go.

 

I can successfully establish VPN connections but once the connection is established I am unable to ping anything in the internal LAN, that includes the gateway and the VPN server both by DNS or by IP.

 

I have noticed that once a VPN connection is established in ipconfig there is no gateway retrieved, but there is a correct IP address set on the same subnet as the router and other clients.

 

On the client which is connecting to the VPN server I have set the "Use default gateway on remote network" option and still no luck.

 

The VPN server lies behind a home router (ASUS WL600g) with all of the VPN ports (1723, 500, 1701) and presumably the other protocols such as GRE pointing to it.

 

The firewall is disabled on the VPN server and I am able to ping the gateway and other clients on the network from it.

 

As there is only one NIC do I have to configure NAT on the VPN server?

 

Do I have (or is it recommended) to have the VPN IP range on a different subnet?

 

Do I have to manually route the traffic between the two IP subnets on the router?

 

 

Regards

zuma

Posted

Hi,

 

Actually the problem may be the gateway which is not assigned.

 

First of all, from the client try to traceroute something (tracert IP_GW) and see if it works.

 

If you assign an IP for the VPN which is the same of the LAN where the server is, you shouldn't enable routing. Anyway, as said in other posts in this forum, usually you should create another subnet and the redirect the traffic with static route.

--------------------------------------------------------

Tu peux aussi crire en franais.

Du kannst auch auf Deutsch schreiben.

Puoi scrivere anche in italiano.

--------------------------------------------------------

Posted

Thanks for the reply ICTCity

 

I decided to install another NIC in the server.

 

The topology looks something like this:

 

VPN Client -------- > ROUTER ------> WIN-2K8-DEV EXT ----------------- > WIN-2K8-DEV INT ----------------- > LAN Client

10.0.0.x 192.168.1.1 192.168.15.1 192.168.1.91 192.168.1.20

ipconfig /all & route print gives the following:

 

SERVER

C:\Users\Administrator>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : WIN-2K8-DEV
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No

PPP adapter RAS (Dial In) Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : RAS (Dial In) Interface
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.15.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter External:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection #
2
Physical Address. . . . . . . . . : 00-0C-29-9B-62-5F
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.15.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Internal:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-0C-29-9B-62-55
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.91(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{0D57B9C8-0CFC-4D1A-B522-AF38F4655BDC}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:3009:256c:3f57:fea4(Pref
erred)
Link-local IPv6 Address . . . . . : fe80::3009:256c:3f57:fea4%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{E9A87389-062B-4D38-BCA5-C2E8807752C5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6E06F030-7526-11D2-BAF4-00600815A4BD}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

C:\Users\Administrator>


C:\Users\Administrator>route print
===========================================================================
Interface List
24...........................RAS (Dial In) Interface
21...00 0c 29 9b 62 5f ......Intel(R) PRO/1000 MT Network Connection #2
11...00 0c 29 9b 62 55 ......Intel(R) PRO/1000 MT Network Connection
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.91 266
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.91 266
192.168.1.91 255.255.255.255 On-link 192.168.1.91 266
192.168.1.255 255.255.255.255 On-link 192.168.1.91 266
192.168.15.0 255.255.255.0 On-link 192.168.15.1 266
192.168.15.1 255.255.255.255 On-link 192.168.15.1 266
192.168.15.10 255.255.255.255 On-link 192.168.15.10 306
192.168.15.255 255.255.255.255 On-link 192.168.15.1 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.91 266
224.0.0.0 240.0.0.0 On-link 192.168.15.1 266
224.0.0.0 240.0.0.0 On-link 192.168.15.10 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.91 266
255.255.255.255 255.255.255.255 On-link 192.168.15.1 266
255.255.255.255 255.255.255.255 On-link 192.168.15.10 306
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.1.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:5ef5:79fd:3009:256c:3f57:fea4/128
On-link
13 306 fe80::/64 On-link
13 306 fe80::3009:256c:3f57:fea4/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

C:\Users\Administrator>

 

And the client information as I was unable to post it all in one go:

CLIENT

C:\Users\user>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : client1
Primary Dns Suffix . . . . . . . : demo.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : demo.local

PPP adapter NKT:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NKT
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.15.15(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-21-5D-42-24-20
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.0.0.73(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.3
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VirtualBox Host-Only Network:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
Physical Address. . . . . . . . . : 08-00-27-00-E4-65
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Autoconfiguration IPv4 Address. . : 169.254.205.49(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{F548E8FF-2F23-4A96-A428-337A49F9A1B8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BF0894E8-F3DB-4ADF-B84A-EC898D0FC144}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C5557665-EA55-4CAB-9CEB-BB3528358696}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.10.0.0.1:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

C:\Users\user>

C:\Users\user>route print
===========================================================================
Interface List
15...00 21 5d 42 24 20 ......Intel(R) WiFi Link 5100 AGN
28...08 00 27 00 e4 65 ......VirtualBox Host-Only Ethernet Adapter
1...........................Software Loopback Interface 1
30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
21...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.3 10.0.0.73 26
10.0.0.0 255.255.255.0 On-link 10.0.0.73 281
10.0.0.73 255.255.255.255 On-link 10.0.0.73 281
10.0.0.255 255.255.255.255 On-link 10.0.0.73 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 169.254.205.49 276
169.254.205.49 255.255.255.255 On-link 169.254.205.49 276
169.254.255.255 255.255.255.255 On-link 169.254.205.49 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 169.254.205.49 276
224.0.0.0 240.0.0.0 On-link 10.0.0.73 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 169.254.205.49 276
255.255.255.255 255.255.255.255 On-link 10.0.0.73 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 10.0.0.3 1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

C:\Users\user>

 

I am pretty sure it's something to do with the routing. But I am unsure where to do the routing? At the router level? On the VPN Client, on the Server? Or on all three?

 

Thanks in advance

Posted
The gateway 0.0.0.0 on client cannot be correct. It should be blank or assigned.

--------------------------------------------------------

Tu peux aussi crire en franais.

Du kannst auch auf Deutsch schreiben.

Puoi scrivere anche in italiano.

--------------------------------------------------------

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...