Re: PPTP Site-to-Site VPN problem

Wendel,

Pls see the output below. The trace was carried out from a client on the
192.168.31.0 subnet who's default g/w points to the LAN NIC of the RRAS
server on the same subnet. NB: I've abbreviate the output to 4 hops. The
complete output continues giving "Request timed out".

Tracing route to 192.168.30.5 over a maximum of 30 hops

1 <1 ms <1 ms <1 ms 192.168.31.4
2 7 ms 7 ms 7 ms 192.168.31.110
3 * * * Request timed out.
4 * * * Request timed out.

192.168.31.110 is the IP address obtained by the RRAS servers PPP adapter
that is on subnet 192.168.30.0, so it appears to get as far as the RRAS
router on the other side of the VPN link but gets stuck there. I note also
that there is *no* default gateway set for the PPP adapter and so could this
be the cause?

I confirm that both servers are multi-homed with each having 1x NIC facing
the LAN with no default gateway set and the other NIC connected to the DSL
router with a static IP address and default gateway set.

Funnily enough, I am able to configure a VPN connection on a client on the
192.168.31.0 subnet to connect to the RRAS server on the 192.168.30.0 subnet
and it works fine.

Please let me know if you need any further info and thank you also for you
help so far.

Sergio


"Wendel Hamilton" <WendelHamilton@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:47D20B6B-F0E2-4F81-B9DC-7D51E883799F@xxxxxxxxxxxxxxxx
> Sergio,
> Ok I think it is a routing problem.
> use tracert -d to the remote server and workstations and see where it
> fails.
> Could you post the results?
> I assume that both servers are multi-homed servers. (2 NICs)
>
> "Sergio Ricci" wrote:
>
>> Yes. Deafult g/w points to the the internal NIC of the RRAS server.
>>
>> One thing I didn't mention if that both servers are DC's.
>>
>> Thanks for replying.
>> Sergio
>>
>> "Wendel Hamilton" <WendelHamilton@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
>> message news:0F15E7AE-11C1-4B7A-8476-5A85144B857D@xxxxxxxxxxxxxxxx
>> > Sergio,
>> > Does your clients default gateway point to your RRAS servers?
>> >
>> >
>> > "Sergio Ricci" wrote:
>> >
>> >> Hi,
>> >>
>> >> I've setup (or tired to) a site to site VPN using RRAS in Windows
>> >> 2003
>> >> SP1
>> >> but have a few issues that I hope you may be able to help me resolve:
>> >>
>> >> Subnet
>> >> 192.168.30.0/24<------------------------------------------>Subnet
>> >> 192.168.31.0/24
>> >>
>> >> ClientsA-------Server1----Router1--------Internet--------Router2---Server2-----ClientsB
>> >>
>> >> I have setup demand dial connections on both servers (windows
>> >> 2003+SP1)
>> >> and
>> >> they appear to work OK. Note that there are demand dial connections on
>> >> both
>> >> servers pointing to the other server. The servers can ping each other.
>> >> The
>> >> clients can ping the servers on their subnets but cannot ping any host
>> >> on
>> >> the other subnet.
>> >>
>> >> All this has led me to think (from other posts I have read) that there
>> >> may
>> >> be an issue with the user account and demand dial interface name but I
>> >> believe I have go them correct.
>> >>
>> >> Essentially I would like clients on one subnet to be able to
>> >> transparently
>> >> access and connect to servers/clients/hosts on the other subnet.
>> >>
>> >> I'm probably missing something quite obvious but at this moment just
>> >> can't
>> >> see what it is.
>> >>
>> >> Some other bit's of info that you may need: when I originally
>> >> configured
>> >> RRAS on both servers I did a custom configuration and selected: NAT,
>> >> Demand
>> >> Dial, Firewall, LAN Routing (from memory). All clients have internet
>> >> access.
>> >>
>> >> If you require any further info, please let me know.
>> >>
>> >> Thanks in advance for any help/pointers.
>> >>
>> >> Kind regards,
>> >> Sergio
>> >>
>> >>
>> >>
>>
>>
>>


.

Relevant Pages

  • Re: A duplicate name has been detected on the TCP network
    ... Load Balancing splits the work load between two servers. ... > |>Your computer only needs one IP address to communicate with the subnet. ... > |>Generally a machine with two NICs is called "multi-homed" and has each ...
    (microsoft.public.windows.server.networking)
  • Re: Medium Server Farm deployment
    ... > I have done farms both ways, with single NICS and with multiple NICS. ... All the servers must have at least ... >>different subnet (in the example one class B subnet and one class C ... today I read the chapter on deploying a medium server farm from ...
    (microsoft.public.sharepoint.windowsservices)
  • Re: A duplicate name has been detected on the TCP network
    ... I understand using 2 nic's for routing, but I do not need to do routing one these servers. ... What you will do is create issues on your subnet when you ... |>Generally a machine with two NICs is called "multi-homed" and has each NIC ...
    (microsoft.public.windows.server.networking)
  • Re: Medium Server Farm deployment
    ... I have done farms both ways, with single NICS and with multiple NICS. ... All the servers must have at least 1 NIC ... >different subnet (in the example one class B subnet and one class C ... today I read the chapter on deploying a medium server farm from ...
    (microsoft.public.sharepoint.windowsservices)
  • Re: PPTP Site-to-Site VPN problem
    ... The servers being DCs is not good, but it should not cause that problem. ... The VPN link should work like a IP router between them. ... should have a subnet route to the "other" subnet linked to the VPN ... >> Does your clients default gateway point to your RRAS servers? ...
    (microsoft.public.windows.server.networking)
Loading