Re: How to enable split/full tunnel while VPNed??



I can't think of any way that you can get this to work with a static pool
of addresses which don't match the LAN IPs. If you read KB 254231 you will
see that the subnet route matches the "received" IP. That means that the
subnet route will be for 192.168.251.0/24, not 192.168.0.0/24. So no
traffic for 192.168.0.0 IPs will go across the VPN link if you clear the "use
default gateway.." switch.

It should work if you use a static pool of addresses from 192.168.0.0
(say 192.168.0.240 to 192.168.0.249) and reserve those IPs in your DHCP
scope.

There is really no way to assign a default gateway or a static route
manually. What would you specify as the IP address of the interface? The
interface doesn't exist until the connection is made.


"Gilbert" <Gilbert@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:33565805-DFDC-4A50-9DFE-95473218E9D3@xxxxxxxxxxxxxxxx
Yes, IP routing is enabled. There's no routes specified in the Static Routes
section. I've tried to add a static route 0.0.0.0 0.0.0.0 to point to the
default gateway on the LAN (192.168.0.254). I was thinking that the VPN
clients should see that default route in there and route everything to that
ip. It didn't seem to work.

The VPN server's local lan ips are 192.168.0.0-254 (Class C). The pool for
VPN clients is 192.168.251.0-254 (class C).


"Bill Grant" wrote:

No, you cannot specify a default gateway in that case. If you clear the
"use default gateway..." switch, the default gateway remains the same as it
was before, so that you can still access the Internet. Instead you get a
subnet route to the remote site. Is IP routing enabled on the VPN server so
that it can route between the LAN subnet and your address pool subnet?

"Gilbert" <Gilbert@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:9511098F-5308-46CC-9F9A-F3F2E4D0E5A3@xxxxxxxxxxxxxxxx
I tried that but as soon as I do that, I can't connect to any resources on
the remote network.

I have a static address pool setup but I didn't see any spot in there where
I can specify a default gateway or dns info. (I can only input an address
range)

"Bill Grant" wrote:

By default a client will have its default gateway set to the VPN
tunnel, so all non-local traffic goes over the VPN link. To keep your
existing gateway you clear the "use default gateway on remote network" in
the client's connection properties. The client then only gets a subnet route
through the tunnel. See KB 254231 for more details.

"Gilbert" <Gilbert@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A70A6A32-1E19-4C80-9D1C-21ECC1F8BE41@xxxxxxxxxxxxxxxx
I'm running a Windows 2003 Small Business Server and I set up remote access
on it. I'm using PPTP. I've opened up port 1723 and GRE Protocol 47 to be
forwarded to the server thru the router/firewall. I can connect to the
server remotely and access internal resources. However, I can't access the
Internet when I'm VPNed in.

1. Is there a way to enable split (sometimes called full) tunnel so that I
can access the Internet while I'm VPNed in?

2. Are users restricted to only 1 session? What I mean by that is can I
just create a user called Remote or whatever and then have multiple users
use that same account?
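
The routing point made at the top of this thread, worked through as an added example (not part of any poster's message): it derives the subnet route a split-tunnel client would get from the address it receives and checks whether the LAN falls inside that route. It assumes the route follows the classful A/B/C boundary of the received address, as the "Class C" description in the thread implies; the function names are hypothetical.

```python
import ipaddress

def classful_route(received_ip):
    """Class-based network of the address the VPN client receives.
    Assumption: the subnet route follows the classful A/B/C boundary."""
    ip = ipaddress.IPv4Address(received_ip)
    first_octet = int(ip) >> 24
    if first_octet < 128:
        prefix = 8
    elif first_octet < 192:
        prefix = 16
    elif first_octet < 224:
        prefix = 24
    else:
        raise ValueError(f"{ip} is not a class A/B/C unicast address")
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)

def check_pool(pool_start, pool_end, lan_cidr):
    """Report what a split-tunnel client can reach for a given static pool."""
    lan = ipaddress.ip_network(lan_cidr)
    start = ipaddress.IPv4Address(pool_start)
    end = ipaddress.IPv4Address(pool_end)
    if end < start:
        raise ValueError("pool end precedes pool start")
    route = classful_route(start)
    if end not in route:
        raise ValueError("pool spans more than one classful network")
    # Pool addresses that sit inside the LAN must be kept out of DHCP leases.
    overlap = [str(ipaddress.IPv4Address(i))
               for i in range(int(start), int(end) + 1)
               if ipaddress.IPv4Address(i) in lan]
    return {
        "tunnel_route": str(route),
        # True only if LAN destinations match the route through the tunnel.
        "lan_via_tunnel": lan.subnet_of(route),
        "reserve_in_dhcp": overlap,
    }

if __name__ == "__main__":
    lan = "192.168.0.0/24"  # LAN range given in the thread
    for pool in (("192.168.251.0", "192.168.251.254"),   # pool that failed
                 ("192.168.0.240", "192.168.0.249")):    # suggested pool
        print(pool, check_pool(*pool, lan))
```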







