Re: RRAS doesn't R
- From: "Doug Sherman [MVP]" <nodspamherman@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 13 Oct 2006 10:40:06 -0400
Did you run route add on the server or the client? It should work on the
client - don't think you need the metric. However, the SQL servers also
need a route to 192.168.0.x - probably they are sending replies to
192.168.1.2 instead of 192.168.1.254.
Doug Sherman
MCSE, MCSA, MCP+I, MVP
"Briscobar" <youcant@xxxxxxxxxxxxxx> wrote in message
news:#j36$It7GHA.4996@xxxxxxxxxxxxxxxxxxxxxxx
Hello all,VPN
Let me give you a little background here:
A remote user now needs access to our network. She needs to connect via
and have DNS work, basically. She needs to run a couple programs thaton
require network connectivity, since they access SQL servers located here
our network. So here's what I did.our
Our office is only one subnet. 192.168.1.x. It runs fine and everyone's
happy. The thing is, I want the VPN users to be logically separated from
network. So I threw a new NIC into the VPN-server-to-be and put that NICon
its own subnet (192.168.0.x).(same
For reference, the VPN-server-to-be has 2 IP addresses: 192.168.1.254
subnet as the rest of our network)ports.
192.168.0.29 (this is for the VPN subnet)
Then I installed RRAS. Yay! It installed! I gave the appropriate users
permissions to dial in. I forwarded ports on the firewall. I connected to
the VPN from my machine here at work, so I know that I can dial in. I
connected to my machine from home, so I know the router is forwarding
The "RAS" part of RRAS is working fine. It's the first R that I'm havingGreat.
trouble with.
When I dial in, I'm assigned an IP address on the 192.168.0.x subnet.
From the VPN client, I can ping the VPN server at 192.168.0.29. Yay!as
Connectivity! But that's as far as I can go. It's the routing between the
192.168.0.x and 192.168.1.x subnets that has my panties in a twist.
Maybe I'm an idiot and don't know how to use static routes. Maybe the darn
thing just doesn't work. I don't know, and frankly I don't care, as long
I can get it to work. I've spent 2 days on this thing, and all my VPNat
clients can do is access the VPN server. They can't access other network
resources, by IP or by name (obviously, since routing isn't getting done
all between the subnets).===========================================================================
Again, here's my setup:
Dataman (my VPN Server)
NIC1:
IP: 192.168.1.254
SM: 255.255.255.0
DG: 192.168.1.2
DNS: 192.168.1.5
NIC2:
IP: 192.168.0.29
SM: 255.255.255.0
DG: (none)
DNS: 192.168.1.5
VPN Clients get an IP on the 192.168.0.x subnet.
Here's the routing table from a "route print" done on Dataman, the VPN
server:
IPv4 Route Table
Interface List===========================================================================
0x1 ........................... MS TCP Loopback interface
0x10002 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
0x10003 ...00 60 67 30 ae cb ...... Intel 21140-Based PCI Fast Ethernet
Adapter
(Generic)
0x10004 ...00 17 31 c3 d5 f4 ...... Marvell Yukon 88E8053 PCI-E Gigabit
Ethernet
Controller
===========================================================================
Active Routes:Metric
Network Destination Netmask Gateway Interface
0.0.0.0 0.0.0.0 192.168.1.2 192.168.1.25410
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.11
192.168.0.0 255.255.255.0 192.168.0.29 192.168.0.2920
192.168.0.2 255.255.255.255 192.168.0.11 192.168.0.111
192.168.0.11 255.255.255.255 127.0.0.1 127.0.0.150
192.168.0.29 255.255.255.255 127.0.0.1 127.0.0.120
192.168.0.255 255.255.255.255 192.168.0.29 192.168.0.2920
192.168.1.0 255.255.255.0 192.168.1.254 192.168.1.2541
192.168.1.254 255.255.255.255 127.0.0.1 127.0.0.11
192.168.1.255 255.255.255.255 192.168.1.254 192.168.1.2541
224.0.0.0 240.0.0.0 192.168.0.29 192.168.0.2920
224.0.0.0 240.0.0.0 192.168.1.254 192.168.1.2541
255.255.255.255 255.255.255.255 192.168.0.29 192.168.0.291
255.255.255.255 255.255.255.255 192.168.1.254 192.168.1.2541
Default Gateway: 192.168.1.2===========================================================================
Persistent Routes:work.
None
Anyone? Slightest hint as to how I can route between the two networks? I
feel like a total doofus. I tried a "route add", but it didn't seem to
I tried "route add 192.168.1.0 mask 255.255.255.0 192.168.0.29 metric 3 IFroute
3" but that didn't work. What I expect that route print to do is add a
for all traffic to the 192.168.1.0 subnet from the 192.168.0.0 subnet, via
the gateway 192.168.0.29 (which is the VPN server itself). But that's a no
go. Am I wrong in trying that?
I've googled, technetted, tried every combination I could think of. And
nothing. This VPN sh1t is for the birds, I'll tell you that.
Break it down for me like I'm an idiot, which I am. Thanks.
Ken
.
- Follow-Ups:
- Re: RRAS doesn't R
- From: Briscobar
- Re: RRAS doesn't R
- References:
- RRAS doesn't R
- From: Briscobar
- RRAS doesn't R
- Prev by Date: Re: RRAS doesn't R
- Next by Date: Re: RRAS doesn't R
- Previous by thread: Re: RRAS doesn't R
- Next by thread: Re: RRAS doesn't R
- Index(es):
Relevant Pages
|
Loading
