Re: RRAS-VPN-Static Pool-Default Gateway assignment

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: Bill Grant (not.available_at_online)
Date: 05/18/04 

Date: Tue, 18 May 2004 11:30:52 +1000

  The default gateway is not your problem. That is the correct behavior. The
default gateway for you VPN client is the "received" IP because that is the
address of the VPN link to the VPN server. What it really means is that all
non-local traffic will go over the point-to-point link to the VPN server.

    If you cannot ping a LAN client by IP address, something is wrong with
your server setup. Because you are using "on subnet" addresses for the VPN
client, the client and the LAN machine are in the same IP subnet, so no
routing takes place. The server relays the traffic from the remote onto the
LAN. The LAN client replies as if the remote was on the LAN. The server does
proxy ARP for the remote, gets the packet over the Ethernet and relays it to
the remote client. The server just acts as a proxy for the remote.

"Rick Csucsai" <rick@no-spammm.energyunited.com> wrote in message
news:#N1ejZFPEHA.3348@TK2MSFTNGP09.phx.gbl...
> I have a test network set up. I have on machine as the vpn server. LAN
side
> is 10.200.86.200 WAN side is 10.201.91.x and this is the side assigned to
> accept VPN connections. I have the VPN server set to use a static pool of
> addresses (10.200.86.106-10.200.86.107). As it is supposed to, the VPN
> server takes 10.200.86.106 for itself. The client VPNs in and gets the
> 10.200.86.107 as it's IP address. Problem is, it sets it's gateway as
> 10.200.86.107 (itself) which keeps the client from pinging anything else
> within the LAN (such as 10.200.86.231). Question is: How can I tell the
VPN
> server what IP address I want it to dish out to the client yet still use a
> pool as the IP address source. I know I can use full DHCP but it doesn't
> seem right that they would design it like this. 1 Alternative was to
> manually assign the client's address and specify the gateway as i see fit
> but i shouldn't have to do that. Is there something that I have not looked
> at yet that tells the VPN server what addres to use as the gateway for
> clients that it assigns an address to?
>
> Thanks
> Rick
>
>

Relevant Pages

  • Re: VPN clients unable to connect to other resources.
    ... gateway matches the IP of the remote client, and DNS and WINS point to the ... remote (although it takes close to a minute to connect, ... This is just regular Windows VPN, ... VPN server, remote routing and access running on the SBS 2003 server ...
    (microsoft.public.windows.server.sbs)
  • RE: Problems with connectcomputer and active directory
    ... I understand that you would like to join a remote client to the domain. ... If you have hardware VPN tunnel setup using Linksys or others, ... In this scenario you have to configure the SBS Server computer to enable ... Create a VPN connection to ISA/RRAS on the Internet ...
    (microsoft.public.windows.server.sbs)
  • RE: Remote connectivity problems
    ... do you mean you have added a remote client to SBS ... If you have hardware VPN tunnel setup using Linksys or others, ... In this scenario you have to configure the SBS Server computer to enable ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN clients unable to connect to other resources.
    ... Are you saying that an XP Home PC wouldn't be able to connect to a server share over VPN? ... Can ping the SBS but not the client PCs on the same network. ... gateway matches the IP of the remote client, ...
    (microsoft.public.windows.server.sbs)
  • Re: Secure VPN access
    ... with it's security option for the client. ... After getting the VPN connection I check the Ip settings and found the ... point to the head ISP's DNS server. ... > Computer certificates for L2TP/IPSec VPN connections ...
    (microsoft.public.windows.server.sbs)