PPTP issues including issues with routing

From: Sameer (ssnewsfiles_at_hotmail.com)
Date: 04/27/04


Date: Mon, 26 Apr 2004 22:06:26 -0700

i have a win2k3 enterprise server. initially, i had only one NIC which was
acting as both the VPN termination point as well as the standard server NIC,
but i changed this to a two NIC setup.

anyways, the way it's set is as follows:

internet
||
||
||
||
broadband router
||
||
||
||
(int0)
firewall (int1)= = = = = = \VPN interface\
(int2) |
|| ||
|| ||
|| ||
|| |
/LAN interface/-----------win2k3 server

i've forwarded 1723 on the router to the VPN interface. the Win2k3's NICs
are on separate subnets/vlans. while i know i can move the VPN interface to
the subnet/vlan that connects the router and the firewall, i'd rather not do
it this way. i want some protection afforded to the VPN server.

the firewall issues, which i'll admit were a bear, have been sorted out... so
there is no issue with the firewall anymore.

i've followed the following two:

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/networking/rmotevpn.mspx#XSLTsection123121120120
http://support.microsoft.com/default.aspx?scid=kb;EN-US;323441

there are two things i need. first, i have an issue with routing. second i
need some clarification on my setup and how things work.

understanding the concepts will help me resolve my issue with routing.

first of all, what fields do i fill for the VPN interface? i take it the
interface needs an IP address along with a subnet mask, so what do i do
about the default gateway and the dns servers? the first tutorial only
mentions the ip address as the subnet mask, so i'm confused.

second, i thought the VPN interface was inactive and only became active to
respond to VPN requests. so i'd assume it would only respond to VPN
requests, however, i can ping the interface. so where did i go
wrong?

as i've read, VPN traffic should flow in one interface, and out the other.
however, it doesn't seem to be doing this. so in other words, routing seems
to be broken. how do i fix this?

finally, i have problems accessing another system on the VPN interface
subnet. apparently, the addition of the new nic has taken over the route
for that subnet which is causing problems. i need to be able to override
this route, better yet drop the fact that the VPN NIC is the default gateway
for this subnet.


