Re: VPN connection works, lan access fails
- From: "Bill Grant" <not.available@online>
- Date: Mon, 11 Apr 2005 10:53:42 +1000
If they are all in the same IP subnet, you shouldn't need routing
enabled anywhere and you shouldn't need to add any routes! There is no
"real" routing going on because they are all in the same IP subnet. The VPN
server should just forward the traffic on to the LAN, and do proxy ARP on
the LAN to pick up replies for the remotes. As far as TCP/IP is concerned,
they are all in the same IP subnet and on the same segment.
Are the servers on a switched network? Some switches don't handle proxy
ARP the same way as standard Ethernet hubs. If that is the problem, you
might need to put the remotes in a different IP subnet and route them
through the VPN server. (ie enable IP routing on it and make sure that the
traffic for the remote subnet is routed through the LAN to the VPN server if
it is not the default gateway of the LAN).
Doug Leece wrote:
> Hi Bill,
>
> Sadly we are broken down at the IP level, I can't connect
> to any devices in the private subnet. The SBS/RRAS server
> is in the same subnet as the servers I am trying to
> connect to via IP address. I just finished loading up
> network monitor and I can see from the logs that the
> source IP of the PPTP client is 192.168.100.161, I have a
> route from 192.168.100.161 to 192.168.100.162 on the RRAS
> box. I can even ping 192.168.100.162 from a server in the
> private LAN, ( eg 192.168.100.15/24) but from the PPTP
> client and cannot ping 192.168.100.15.
>
> I suspect I need to enable routing someplace but I have
> already turned it on in the RRAS setup. ( Disabling
> routing to LAN doesn't seem to make any difference either.)
>
> Thanks again for any thought s you might have, this one is
> really strange.
> Doug Leece
>
>> -----Original Message-----
>> Is it a routing or a name resolution problem? Can you ping a LAN
>> machine by using its IP address?
>>
>> If you can't even ping by IP, are the remotes receiving IP
>> addresses in the same subnet as the LAN machines?
>>
>> Doug Leece wrote:
>>> Hi all,
>>> I have rebuilt this config a dozen times and scoured the
>>> news groups but I can't find the solution. Using SBS 2003
>>> and the PPTP clients for XP or 2000 I cna connect to the
>>> RAS server just fine. I pick up a local address from the
>>> DHCP pool and I can ping the SBS server dedicated address,
>>> my new PPTP ip address and the IP address that shows up in
>>> RRAS manager as internal. I cannot connect to anything
>>> else in the private lan though. If i remote desktop onto
>>> the RRAS box then I can access all things in the lan just
>>> fine.
>>>
>>> This is a dual NIC server with one disabled, all
>>> connections pass through a router. I also have this
>>> working in two other sites, only different is I used the
>>> Dell SBS2003 server load instead of MS original. Any
>>> ideas, it looks like routing but netstat -rn indicates
>>> things are as they should be.
>>
>>
>> .
.
- Follow-Ups:
- Re: VPN connection works, lan access fails
- From: Doug Leece
- Re: VPN connection works, lan access fails
- From: Doug Leece
- Re: VPN connection works, lan access fails
- References:
- VPN connection works, lan access fails
- From: Doug Leece
- Re: VPN connection works, lan access fails
- From: Bill Grant
- Re: VPN connection works, lan access fails
- From: Doug Leece
- VPN connection works, lan access fails
- Prev by Date: Command Line (Batch) Disconnect User
- Next by Date: Re: Command Line (Batch) Disconnect User
- Previous by thread: Re: VPN connection works, lan access fails
- Next by thread: Re: VPN connection works, lan access fails
- Index(es):
Relevant Pages
|
