Re: VPN problem! remote net using same ip range?
From: Robert L [MS-MVP] (noreply_at_hotmail.com)
Date: 12/17/04
- Previous message: Bill Grant: "Re: map network drive from PPTP logon ?"
- In reply to: Bill Grant: "Re: VPN problem! remote net using same ip range?"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 16 Dec 2004 23:01:21 -0600
Bill,
Thank you for the input. However, what we are talking about is after
modifying the routing. The following example shows that pathping 10.0.0.3
goes to 10.0.0.3 directly. After modifying the routing, it passes through
10.0.100.2 and then goes to 10.0.0.3.
C:\Documents and Settings\blin>pathping 10.0.0.3
Tracing route to mail.chicagotech.net [10.0.0.3]
over a maximum of 30 hops:
0 attbi1073 [10.0.0.25]
1 mail.chicagotech.net [10.0.0.3]
C:\Documents and Settings\blin>route add 10.0.0.3 mask 255.255.255.255
10.0.100.2
C:\Documents and Settings\blin>pathping 10.0.0.3
Tracing route to mail.chicagotech.net [10.0.0.3]
over a maximum of 30 hops:
0 attbi1073 [10.0.0.25]
1 10.0.100.2
2 mail.chicagotech.net [10.0.0.3]
-- For more and other information, go to http://www.ChicagoTech.net Don't send e-mail or reply to me except you need consulting services. Posting on MS newsgroup will benefit all readers and you may get more help. Bob Lin, MS-MVP, MCSE & CNE Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on http://www.ChicagoTech.net Networking Solutions, http://www.chicagotech.net/networksolutions.htm VPN Solutions, http://www.chicagotech.net/vpnsolutions.htm VPN Process and Error Analysis, http://www.chicagotech.net/VPN%20process.htm VPN Troubleshooting, http://www.chicagotech.net/vpn.htm This posting is provided "AS IS" with no warranties. "Bill Grant" <not.available@online> wrote in message news:ezd1li84EHA.2016@TK2MSFTNGP15.phx.gbl... > It isn't really a security problem, because nothing will ever cross the > link. If the local IP subnet is the same as the remote subnet, nothing > will ever get to the VPN interface. If there is data to be sent to a > machine in the same IP subnet, TCP/IP will try to deliver it locally, > using the LAN NIC and hardware addressing. It will not try to route it. > > "Robert L [MS-MVP]" <noreply@hotmail.com> wrote in message > news:eiO4l074EHA.1400@TK2MSFTNGP11.phx.gbl... >> maybe if the ip routing is enabled. >> >> -- >> For more and other information, go to http://www.ChicagoTech.net >> >> Don't send e-mail or reply to me except you need consulting services. >> Posting on MS newsgroup will benefit all readers and you may get more >> help. >> >> Bob Lin, MS-MVP, MCSE & CNE >> Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on >> http://www.ChicagoTech.net >> Networking Solutions, http://www.chicagotech.net/networksolutions.htm >> VPN Solutions, http://www.chicagotech.net/vpnsolutions.htm >> VPN Process and Error Analysis, >> http://www.chicagotech.net/VPN%20process.htm >> VPN Troubleshooting, http://www.chicagotech.net/vpn.htm >> This posting is provided "AS IS" with no warranties. >> "djc" <noone@nowhere.com> wrote in message >> news:u8mrnV74EHA.3648@TK2MSFTNGP11.phx.gbl... >>> could this situation also pose a security risk since a users vpn adapter >>> will have an ip that is accessible by all on that local lan then? >>> >>> "Robert L [MS-MVP]" <noreply@hotmail.com> wrote in message >>> news:eMi4lc64EHA.2124@TK2MSFTNGP15.phx.gbl... >>>> Theoretically, that will not work if both remote LAN and local LAN have >>> the >>>> same ip range. what you can try is modifying the routing table to force >>> the >>>> VPN client talk to the email server directly. >>>> >>>> -- >>>> For more and other information, go to http://www.ChicagoTech.net >>>> >>>> Don't send e-mail or reply to me except you need consulting services. >>>> Posting on MS newsgroup will benefit all readers and you may get more >>> help. >>>> >>>> Bob Lin, MS-MVP, MCSE & CNE >>>> Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting >>>> on >>>> http://www.ChicagoTech.net >>>> Networking Solutions, http://www.chicagotech.net/networksolutions.htm >>>> VPN Solutions, http://www.chicagotech.net/vpnsolutions.htm >>>> VPN Process and Error Analysis, >>> http://www.chicagotech.net/VPN%20process.htm >>>> VPN Troubleshooting, http://www.chicagotech.net/vpn.htm >>>> This posting is provided "AS IS" with no warranties. >>>> "djc" <noone@nowhere.com> wrote in message >>>> news:uFKNHX44EHA.3376@TK2MSFTNGP12.phx.gbl... >>>> > user is unavailable at the moment.. will post when I can. Any general >>>> > bytes >>>> > of wisdom just based on knowing both remote and local network are >>>> > using >>>> > the >>>> > same private IP range? I'm at a loss right now and unfortunately, at >>> least >>>> > at the moment, I cannot re-create the scenario to start pounding on >>>> > it >>>> > myself. So i'm trying to get as much info on the subject as I can now >>>> > so >>> I >>>> > can hopefully make it work later when the user calls back. >>>> > >>>> > thanks for the reply and I will post the ipconfig /all output here >>>> > when >>> I >>>> > can... any info in the meantime is appreciated as well. >>>> > >>>> > thanks again. >>>> > >>>> > "Robert L [MS-MVP]" <noreply@hotmail.com> wrote in message >>>> > news:e$ql0R44EHA.2876@TK2MSFTNGP12.phx.gbl... >>>> >> posting the result of ipconfig /all here may help. >>>> >> >>>> >> -- >>>> >> For more and other information, go to http://www.ChicagoTech.net >>>> >> >>>> >> Don't send e-mail or reply to me except you need consulting >>>> >> services. >>>> >> Posting on MS newsgroup will benefit all readers and you may get >>>> >> more >>>> > help. >>>> >> >>>> >> Bob Lin, MS-MVP, MCSE & CNE >>>> >> Networking, Internet, Routing, VPN, Anti-Virus, Tips & >>>> >> Troubleshooting >>> on >>>> >> http://www.ChicagoTech.net >>>> >> Networking Solutions, >>>> >> http://www.chicagotech.net/networksolutions.htm >>>> >> VPN Solutions, http://www.chicagotech.net/vpnsolutions.htm >>>> >> VPN Process and Error Analysis, >>>> > http://www.chicagotech.net/VPN%20process.htm >>>> >> VPN Troubleshooting, http://www.chicagotech.net/vpn.htm >>>> >> This posting is provided "AS IS" with no warranties. >>>> >> "djc" <noone@nowhere.com> wrote in message >>>> >> news:OZeokg34EHA.4040@TK2MSFTNGP14.phx.gbl... >>>> >> >I had a user call with problems working remotely. They connect and >>> login >>>> >> >via >>>> >> > VPN with no problem but Outlook 2000 is unable to communicate with >>> the >>>> >> > exchange 2000 server? (exchange server unavailable message). I >>> noticed >>>> >> > that >>>> >> > the remote network (a hotel) has assigned the remote computer an >>>> >> > address >>>> >> > that is in the same range as our own internal network? BUT the >>>> >> > remote >>>> >> > client >>>> >> > IS able to ping the exchange server both by name and IP. Could the >>>> > remote >>>> >> > network using the same IP config as our own internal network cause >>>> >> > problems? >>>> >> > How does the machine know what adapter to use when trying to >>>> >> > communicate >>>> >> > with our internal network? >>>> >> > >>>> >> > any info on this would be greatly appreciated... I'm not sure how >>>> >> > to >>>> >> > proceed. NOTE: client is using xp sp2 but the problem occurs even >>> with >>>> > the >>>> >> > firewall OFF. >>>> >> > >>>> >> > >>>> >> > >>>> >> >>>> >> >>>> > >>>> > >>>> >>>> >>> >>> >> >> > >
- Previous message: Bill Grant: "Re: map network drive from PPTP logon ?"
- In reply to: Bill Grant: "Re: VPN problem! remote net using same ip range?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
