Re: Windows 2003 VPN Default Gateway Issues
- From: "tomger221" <tomger221@xxxxxxxxxxx>
- Date: 2 Oct 2006 09:47:02 -0700
Results of net view and share while connected internally
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\tgerstner.ADPUBSAFE>net share
Share name Resource Remark
-------------------------------------------------------------------------------
IPC$ Remote IPC
ADMIN$ C:\WINDOWS Remote Admin
C$ C:\ Default share
admin C:\admin
D D:\
E E:\
Muzic C:\Documents and
Settings\tgerstner.ADPUBSAFE\Desktop\old_Docs\My M
usic
NewShare C:\NewShare
The command completed successfully.
C:\Documents and Settings\tgerstner.ADPUBSAFE>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Room-259-BB
Primary Dns Suffix . . . . . . . : AD.Pubsafe.rutgers.edu
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ad.pubsafe.rutgers.edu
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT
Network Connect
ion
Physical Address. . . . . . . . . : 00-0D-56-FB-73-99
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 172.20.135.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.20.130.193
DHCP Server . . . . . . . . . . . : 172.20.135.2
DNS Servers . . . . . . . . . . . : 165.230.193.117
165.230.143.222
128.6.233.194
172.20.135.2
Lease Obtained. . . . . . . . . . : Monday, October 02, 2006
11:14:02 AM
Lease Expires . . . . . . . . . . : Monday, October 02, 2006
7:14:02 PM
PPP adapter ANY:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.20.135.152
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 165.230.193.117
128.6.233.194
Primary WINS Server . . . . . . . : 165.230.193.117
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Documents and Settings\tgerstner.ADPUBSAFE>net view 172.20.135.152
Shared resources at 172.20.135.152
Share name Type Used as Comment
-------------------------------------------------------------------------------
admin Disk
D Disk
E Disk
Muzic Disk
NewShare Disk
The command completed successfully.
C:\Documents and Settings\tgerstner.ADPUBSAFE>
tomger221 wrote:
Think I may have found it, looks like its an issue with my basic VPN
conifiguration....
Cause: A static IP address pool is configured but there are no routes
back to the remote access VPN clients.
Solution: If the VPN server is configured to use a static IP address
pool, verify that the routes to the ranges of addresses defined by the
static IP address pool are reachable by the hosts and routers of the
intranet. If not, then IP routes consisting of the address ranges of
the static IP address pool, as defined by the IP address and mask of
each range, must be added to the routers of the intranet, or the
routing protocol of your routed infrastructure on the VPN server must
be enabled. If the routes to the remote access VPN client subnets are
not present, remote access VPN clients cannot receive traffic from
locations on the intranet. A route for the network is implemented
either through static routing entries or through a routing protocol,
such as Open Shortest Path First (OSPF) or Routing Information Protocol
(RIP).
If the VPN server is configured to use DHCP for IP address allocation,
and no DHCP server is available, the VPN server allocates addresses
from the Automatic Private IP Addressing (APIPA) address range from
169.254.0.1 through 169.254.255.254. Allocating APIPA addresses for
remote access clients works only if the network to which the VPN server
is attached is also using APIPA addresses.
If the VPN server is using APIPA addresses when a DHCP server is
available, verify that the proper adapter is selected from which to
obtain DHCP-allocated IP addresses. By default, the VPN server randomly
chooses the adapter to use to obtain IP addresses through DHCP. If
there is more than one LAN adapter, then the Routing and Remote Access
service may choose a LAN adapter for which there is no DHCP server
available.
If the static IP address pool consists of ranges of IP addresses that
are a subset of the range of IP addresses for the network to which the
VPN server is attached, verify that the ranges of IP addresses of the
static IP address pool are not assigned to other TCP/IP nodes, either
through static configuration or through DHCP.
My NICS are set as follows.
Private 172.20.130.201- no gateway
Public 165.230.193.118- regular gateway for that subnet.
My static IP pool is set to 172.20.135.150 to 160, as that is my user
network here. If I am logged into my workstation from work, I can
access all from the VPN, whether I choose the dial up at login or run
the VPN after logging in. If I do it from a remote machine outside my
network, no good. Unfortunately I cant test the VPN for another hour,
someone else is on my test box.
Robert L [MVP - Networking] wrote:
make sure no firewall blocks the file sharing and make you have enable sharing. On the remote computer, do net share and net view \\localIP. Post back with the result.
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"tomger221" <tomger221@xxxxxxxxxxx> wrote in message news:1159780665.991137.196700@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Also when I attempt the \\Net view ServerIP command on the server I'm
connected to I get
System error 53 has occurred.
The network path was not found.
I can ping the server by name and IP when connected.
Bill Grant wrote:
> As Bob said, the default gateway on the client is not the problem. The
> default gateway will always be the "received" IP address. What that really
> means is that the default gateway for the client is the VPN connection,
> which is what you want it to be.
> It will only change if you clear the "Use default gateway.." check box,
> which I wouldn't recommend. The default setting is what you need.
>
> The client and the server are not in different subnets. If you click on
> the connection icon on the client and look at the "details" tab, you will
> see that the client and server both have IP addresses from your address
> pool. If you can ping the server, your VPN connection is working. If you
> can't see shares, it is probably a permission issue.
>
> The credentials used by the remote client are the ones from its
> original logon, not the ones used to set up the VPN connection. To log in
> using the credentials you enter at connection time, you have to use the
> "login using a dialup connection" option in the login dialog box, not just
> set up a VPN connection from an already logged-in computer.
>
> "Robert L [MVP - Networking]" <noreply@xxxxxxxxxxx> wrote in message
> news:eWfZkUW5GHA.3960@xxxxxxxxxxxxxxxxxxxxxxx
> If you can ping the server or remote resources, the route is not issue here.
> What do you receive if using net view \\serverIP?
>
> Bob Lin, MS-MVP, MCSE & CNE
> Networking, Internet, Routing, VPN Troubleshooting on
> http://www.ChicagoTech.net
> How to Setup Windows, Network, VPN & Remote Access on
> http://www.HowToNetworking.com
> "tomger221" <tomger221@xxxxxxxxxxx> wrote in message
> news:1159704630.777039.310470@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> To All:
> Iv'e recently set up a Windows 2003 VPN server, client connecting are
> XP.
> I can connect with no problem but when I attempt to map or access any
> other network resources it is no good. I cant even map to a share on
> the Server I connect to, I get "Network not found". I can ping this
> server by name and IP once connected. I have configured the VPN server
> to assign an IP address based on a pool of 10 private addresses. Server
> is multi-homed with cards pointing to 2 different subnets, one public,
> one private.
> What I did notice is that when I run an IPCONFIG /all the Ip and DNS
> are good but the Gateway is the static IP that is assigned to the VPN
> client by the Server. Since the server and the clients are on different
> IP ranges do I need to create a static route for the clients? If not
> what determines the how the gateway is assigned to the connecting
> clients? As an aside, I also played with the "Use default gateway on
> remote network", didnt make a difference if it was on or off as far as
> connecting to shares.
> Any help is appreciated.
> Thanks,
> Tom
------=_NextPart_000_0037_01C6E604.EC7276E0
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
X-Google-AttachSize: 5706
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.2963" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV>make sure no firewall blocks the file sharing and make you have enable
sharing. On the remote computer, do net share and net view <A
href="file://\\localIP">\\localIP</A>. Post back with the result.</DIV>
<DIV><BR>Bob Lin, MS-MVP, MCSE & CNE<BR>Networking, Internet, Routing, VPN
Troubleshooting on <A
href="http://www.ChicagoTech.net";>http://www.ChicagoTech.net</A> <BR>How to
Setup Windows, Network, VPN & Remote Access on <A
href="http://www.HowToNetworking.com";>http://www.HowToNetworking.com</A> </DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"tomger221" <<A
href="mailto:tomger221@xxxxxxxxxxx";>tomger221@xxxxxxxxxxx</A>> wrote in
message <A
href="news:1159780665.991137.196700@xxxxxxxxxxxxxxxxxxxxxxxxxxxx";>news:1159780665.991137.196700@xxxxxxxxxxxxxxxxxxxxxxxxxxxx</A>...</DIV>Also
when I attempt the <A href="file://\\Net">\\Net</A> view ServerIP command on
the server I'm<BR>connected to I get<BR> System error 53 has
occurred.<BR>The network path was not found.<BR>I can ping the server by name
and IP when connected.<BR><BR>Bill Grant wrote:<BR>> As Bob said, the
default gateway on the client is not the problem. The<BR>> default gateway
will always be the "received" IP address. What that really<BR>> means is
that the default gateway for the client is the VPN connection,<BR>> which
is what you want it to be.<BR>> It will only change if you clear the "Use
default gateway.." check box,<BR>> which I wouldn't recommend. The default
setting is what you need.<BR>><BR>> The client
and the server are not in different subnets. If you click on<BR>> the
connection icon on the client and look at the "details" tab, you will<BR>>
see that the client and server both have IP addresses from your
address<BR>> pool. If you can ping the server, your VPN connection is
working. If you<BR>> can't see shares, it is probably a permission
issue.<BR>><BR>> The credentials used by
the remote client are the ones from its<BR>> original logon, not the ones
used to set up the VPN connection. To log in<BR>> using the credentials you
enter at connection time, you have to use the<BR>> "login using a dialup
connection" option in the login dialog box, not just<BR>> set up a VPN
connection from an already logged-in computer.<BR>><BR>> "Robert L [MVP
- Networking]" <<A
href="mailto:noreply@xxxxxxxxxxx";>noreply@xxxxxxxxxxx</A>> wrote in
message<BR>> <A
href="news:eWfZkUW5GHA.3960@xxxxxxxxxxxxxxxxxxxx";>news:eWfZkUW5GHA.3960@xxxxxxxxxxxxxxxxxxxx</A>...<BR>>
If you can ping the server or remote resources, the route is not issue
here.<BR>> What do you receive if using net view <A
href="file://\\serverIP">\\serverIP</A>?<BR>><BR>> Bob Lin, MS-MVP, MCSE
& CNE<BR>> Networking, Internet, Routing, VPN Troubleshooting
on<BR>> <A
href="http://www.ChicagoTech.net";>http://www.ChicagoTech.net</A><BR>> How
to Setup Windows, Network, VPN & Remote Access on<BR>> <A
href="http://www.HowToNetworking.com";>http://www.HowToNetworking.com</A><BR>>
"tomger221" <<A
href="mailto:tomger221@xxxxxxxxxxx";>tomger221@xxxxxxxxxxx</A>> wrote in
message<BR>> <A
href="news:1159704630.777039.310470@xxxxxxxxxxxxxxxxxxxxxxxxxxxx";>news:1159704630.777039.310470@xxxxxxxxxxxxxxxxxxxxxxxxxxxx</A>...<BR>>
To All:<BR>> Iv'e recently set up a Windows 2003 VPN server,
client connecting are<BR>> XP.<BR>> I can
connect with no problem but when I attempt to map or access
any<BR>> other network resources it is no good. I cant even map
to a share on<BR>> the Server I connect to, I get "Network not
found". I can ping this<BR>> server by name and IP once
connected. I have configured the VPN server<BR>> to assign an
IP address based on a pool of 10 private addresses. Server<BR>>
is multi-homed with cards pointing to 2 different subnets, one
public,<BR>> one private.<BR>> What I did notice
is that when I run an IPCONFIG /all the Ip and DNS<BR>> are
good but the Gateway is the static IP that is assigned to the
VPN<BR>> client by the Server. Since the server and the clients
are on different<BR>> IP ranges do I need to create a static
route for the clients? If not<BR>> what determines the how the
gateway is assigned to the connecting<BR>> clients? As an
aside, I also played with the "Use default gateway on<BR>>
remote network", didnt make a difference if it was on or off as far
as<BR>> connecting to shares.<BR>> Any help is
appreciated.<BR>> Thanks,<BR>>
Tom<BR></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_0037_01C6E604.EC7276E0--
.
- References:
- Windows 2003 VPN Default Gateway Issues
- From: tomger221
- Re: Windows 2003 VPN Default Gateway Issues
- From: Robert L [MVP - Networking]
- Re: Windows 2003 VPN Default Gateway Issues
- From: Bill Grant
- Re: Windows 2003 VPN Default Gateway Issues
- From: tomger221
- Re: Windows 2003 VPN Default Gateway Issues
- From: Robert L [MVP - Networking]
- Re: Windows 2003 VPN Default Gateway Issues
- From: tomger221
- Windows 2003 VPN Default Gateway Issues
- Prev by Date: Re: Windows 2003 VPN Default Gateway Issues
- Next by Date: Re: Windows 2003 VPN Default Gateway Issues
- Previous by thread: Re: Windows 2003 VPN Default Gateway Issues
- Next by thread: Re: Windows 2003 VPN Default Gateway Issues
- Index(es):
Relevant Pages
|
|
