Re: RRAS doesn't R



Any MCZEE would be able to do this without any issues. Sorry Ken, your MCNGP
brain dump doesn't help, huh?

"Briscobar" <youcant@xxxxxxxxxxxxxx> wrote in message
news:%23egtz3s7GHA.1560@xxxxxxxxxxxxxxxxxxxxxxx
A technical question! Which is off-topic in this newsgroup! Let me give you
a little background here:

A remote user now needs access to our network. She needs to connect via
VPN and have DNS work, basically. She needs to run a couple programs that
require network connectivity, since they access SQL servers located here
on our network. So here's what I did.

Our office is only one subnet. 192.168.1.x. It runs fine and everyone's
happy. The thing is, I want the VPN users to be logically separated from
our network. So I threw a new NIC into the VPN-server-to-be and put that
NIC on its own subnet (192.168.0.x).

For reference, the VPN-server-to-be has 2 IP addresses:
192.168.1.254 (same subnet as the rest of our network)
192.168.0.29 (this is for the VPN subnet)

Then I installed RRAS. Yay! It installed! I gave the appropriate users
permissions to dial in. I forwarded ports on the firewall. I connected to
the VPN from my machine here at work, so I know that I can dial in. I
connected to my machine from home, so I know the router is forwarding
ports. The "RAS" part of RRAS is working fine. It's the first R that I'm
having trouble with.

When I dial in, I'm assigned an IP address on the 192.168.0.x subnet.
Great. From the VPN client, I can ping the VPN server at 192.168.0.29.
Yay! Connectivity! But that's as far as I can go. It's the routing between
the 192.168.0.x and 192.168.1.x subnets that has my panties in a twist.

Maybe I'm an idiot and don't know how to use static routes. Maybe the darn
thing just doesn't work. I don't know, and frankly I don't care, as long
as I can get it to work. I've spent 2 days on this thing, and all my VPN
clients can do is access the VPN server. They can't access other network
resources, by IP or by name (obviously, since routing isn't getting done
at all between the subnets).

Again, here's my setup:

Dataman (my VPN Server)
NIC1:
IP: 192.168.1.254
SM: 255.255.255.0
DG: 192.168.1.2
DNS: 192.168.1.5

NIC2:
IP: 192.168.0.29
SM: 255.255.255.0
DG: (none)
DNS: 192.168.1.5

VPN Clients get an IP on the 192.168.0.x subnet.

Here's the routing table from a "route print" done on Dataman, the VPN
server:

IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10002 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
0x10003 ...00 60 67 30 ae cb ...... Intel 21140-Based PCI Fast Ethernet Adapter (Generic)
0x10004 ...00 17 31 c3 d5 f4 ...... Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller
===========================================================================
===========================================================================
Active Routes:
Network Destination          Netmask          Gateway        Interface  Metric
            0.0.0.0          0.0.0.0      192.168.1.2    192.168.1.254      10
          127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1       1
        192.168.0.0    255.255.255.0     192.168.0.29     192.168.0.29      20
        192.168.0.2  255.255.255.255     192.168.0.11     192.168.0.11       1
       192.168.0.11  255.255.255.255        127.0.0.1        127.0.0.1      50
       192.168.0.29  255.255.255.255        127.0.0.1        127.0.0.1      20
      192.168.0.255  255.255.255.255     192.168.0.29     192.168.0.29      20
        192.168.1.0    255.255.255.0    192.168.1.254    192.168.1.254       1
      192.168.1.254  255.255.255.255        127.0.0.1        127.0.0.1       1
      192.168.1.255  255.255.255.255    192.168.1.254    192.168.1.254       1
          224.0.0.0        240.0.0.0     192.168.0.29     192.168.0.29      20
          224.0.0.0        240.0.0.0    192.168.1.254    192.168.1.254       1
    255.255.255.255  255.255.255.255     192.168.0.29     192.168.0.29       1
    255.255.255.255  255.255.255.255    192.168.1.254    192.168.1.254       1
Default Gateway: 192.168.1.2
===========================================================================
Persistent Routes:
None


Anyone? Slightest hint as to how I can route between the two networks? I
feel like a total doofus. I tried a "route add", but it didn't seem to
work. I tried "route add 192.168.1.0 mask 255.255.255.0 192.168.0.29
metric 3 IF 3" but that didn't work. What I expect that route print to do
is add a route for all traffic to the 192.168.1.0 subnet from the
192.168.0.0 subnet, via the gateway 192.168.0.29 (which is the VPN server
itself). But that's a no go. Am I wrong in trying that?

I've googled, technetted, tried every combination I could think of. And
nothing. This VPN sh1t is for the birds, I'll tell you that.

Break it down for me like I'm an idiot, which I am. Thanks.

Ken
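
The "route print" table quoted above, evaluated the way Windows selects a route (longest matching prefix, then lowest metric). This is an added example, not part of the original post; `TABLE`, `prefix_len` and `lookup` are names made up here, and 192.168.0.50 and 203.0.113.10 are constructed test destinations.

```python
import ipaddress
from collections import namedtuple

Route = namedtuple("Route", "network gateway interface metric")

# Active routes copied from the "route print" output quoted in the post:
# (destination, netmask, gateway, interface, metric)
TABLE = [
    ("0.0.0.0", "0.0.0.0", "192.168.1.2", "192.168.1.254", 10),
    ("127.0.0.0", "255.0.0.0", "127.0.0.1", "127.0.0.1", 1),
    ("192.168.0.0", "255.255.255.0", "192.168.0.29", "192.168.0.29", 20),
    ("192.168.0.2", "255.255.255.255", "192.168.0.11", "192.168.0.11", 1),
    ("192.168.0.11", "255.255.255.255", "127.0.0.1", "127.0.0.1", 50),
    ("192.168.0.29", "255.255.255.255", "127.0.0.1", "127.0.0.1", 20),
    ("192.168.0.255", "255.255.255.255", "192.168.0.29", "192.168.0.29", 20),
    ("192.168.1.0", "255.255.255.0", "192.168.1.254", "192.168.1.254", 1),
    ("192.168.1.254", "255.255.255.255", "127.0.0.1", "127.0.0.1", 1),
    ("192.168.1.255", "255.255.255.255", "192.168.1.254", "192.168.1.254", 1),
    ("224.0.0.0", "240.0.0.0", "192.168.0.29", "192.168.0.29", 20),
    ("224.0.0.0", "240.0.0.0", "192.168.1.254", "192.168.1.254", 1),
    ("255.255.255.255", "255.255.255.255", "192.168.0.29", "192.168.0.29", 1),
    ("255.255.255.255", "255.255.255.255", "192.168.1.254", "192.168.1.254", 1),
]

def prefix_len(mask):
    """Count the set bits of a dotted-quad netmask (255.255.255.0 -> 24)."""
    return bin(int(ipaddress.IPv4Address(mask))).count("1")

def lookup(dest, table=TABLE):
    """Pick the route for dest: longest matching prefix, then lowest metric."""
    addr = ipaddress.IPv4Address(dest)
    best = None
    for network, mask, gateway, iface, metric in table:
        net = ipaddress.ip_network(f"{network}/{prefix_len(mask)}")
        if addr not in net:
            continue
        key = (net.prefixlen, -metric)  # higher tuple wins
        if best is None or key > best[0]:
            best = (key, Route(net, gateway, iface, metric))
    return best[1] if best else None

if __name__ == "__main__":
    # 192.168.1.5 is the DNS server from the post; the last two are constructed.
    for dest in ("192.168.1.5", "192.168.0.2", "192.168.0.50", "203.0.113.10"):
        r = lookup(dest)
        print(f"{dest:>13} -> {r.network} gw {r.gateway} if {r.interface} metric {r.metric}")
```

For 192.168.1.5 the lookup returns the directly connected 192.168.1.0/24 entry on interface 192.168.1.254, and for 192.168.0.50 the 192.168.0.0/24 entry on 192.168.0.29.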


