Re: How to enable split/full tunnel while VPNed??

Tech-Archive recommends: Speed Up your PC by fixing your registry

Yes, IP routing is enabled. There's no routes specified in the Static Routes
section. I've tried to add a static route 0.0.0.0 0.0.0.0 to point to the
default gateway on the LAN (192.168.0.254). I was thinking that the VPN
clients should see that default route in there and route everything to that
ip. It didn't seem to work.

The VPN server's local lan ips are 192.168.0.0-254 (Class C). The pool for
VPN clients is 192.168.251.0-254 (class C).


"Bill Grant" wrote:

No, you cannot specify a default gateway in that case. If you clear the
"use default gateway..." switch, the default gateway remains the same as it
was before, so that you can still access the Internet. Instead you get a
subnet route to the remote site. Is IP routing enabled on the VPN server so
that it can route between the LAN subnet and your address pool subnet?

"Gilbert" <Gilbert@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:9511098F-5308-46CC-9F9A-F3F2E4D0E5A3@xxxxxxxxxxxxxxxx
I tried that but as soon as I do that, I can't connect to any resources on
the remote network.

I have a static address pool setup but I didn't see any spot in there
where
I can specify a default gateway or dns info. (I can only input an address
range)

"Bill Grant" wrote:

By default a client will have its default gateway set to the VPN
tunnel,so all non-local traffic goes over the VPN link.. To keep your
existing gateway you clear the "use default gateway on remote network" in
the client's connection properties. The client then only gets a subnet
route
through the tunnel. See KB 254231 for more details.

"Gilbert" <Gilbert@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A70A6A32-1E19-4C80-9D1C-21ECC1F8BE41@xxxxxxxxxxxxxxxx
I'm running a Windows 2003 Small Business Server and I setup remote
access
on
it. I'm using PPTP. I've opened up port 1723 and GRE Protocol 47 to
be
forwarded to the server thru the router/firewall. I can connect to the
server remotely and access internal resources. However, I can't
Internet
when I'm VPNed in.

1. Is there a way to enable split (sometimes called full) tunnel so
that
I
can access the Internet while I'm VPNed in?

2. Are users restricted to only 1 session? What I mean by that is can
I
just create a user called Remote or whatever and then have multiple
users
use
that same account?






.

Relevant Pages

  • Re: VPN and remote gateway
    ... > It seems you use the wrong route add command. ... > when the VPN connection is established. ... > | using the remote network as my gateway. ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN routing
    ... A remote site connected by a point-to-point T1. ... We can connect with a VPN directly to the firewall's external ... The main firewall does have a static route for 10.0.3.0/24 through ...
    (comp.dcom.vpn)
  • Re: Route an external IP address via site to site vpn
    ... setup the site-to-site VPN connection thru 2 ISA 2004 servers? ... but the remote ISP not. ... We only need to add a static IP route on local ISA server to let the ISA ... Router add ExternalIP RemoteISAInternalIP ...
    (microsoft.public.windows.server.sbs)
  • Re: Adding Static route
    ... The server is a TS server for VPN clients. ... Our VPN does not have a problem because it will route ... back to the external IP of the client but the client cannot get to our ... I was thinking about putting the default gateway on the 172.xxx. ...
    (microsoft.public.windows.server.networking)
  • Re: CMAK 1.3 Route Add
    ... CMAK like we want to do it, one needs to turn on the "use gateway on remote ... VPN first, but you also want one or more network ranges to go through the ... I am unable to use the A/D add status route option in this ...
    (microsoft.public.win2000.ras_routing)