VPN Client Incorrect Netmask (Vista -> Win2K3)

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: Mike Petito <petitomp@xxxxxxxxx>
Date: Thu, 13 Mar 2008 12:09:05 -0700 (PDT)

From my development machine running Windows Vista, I often have to

establish multiple VPN connections to Windows 2003 servers on
different networks (i.e. for maintenance at different hosting
environments).

In each case, the remote subnet that I connect to is a 10.x.y.z/24.
For example, the remote subnet might be 10.88.0.0/24 and I would
access IP addresses in the range 10.88.0.1 through 10.88.0.255. When
a particular VPN connection is established, my local routing table (as
the client) is modified with the following entries:

Network Destination Netmask Gateway Interface
Metric
10.0.0.0 255.0.0.0 10.88.0.80
10.88.0.81 21
10.88.0.81 255.255.255.255 On-link
10.88.0.81 276

This works just fine for one connection. Notice, however, that the
routing table entry states that the remote subnet is 10.0.0.0/8.
According to this post:

http://groups.google.com/group/microsoft.public.windows.server.networking/browse_thread/thread/8cfb7c2a1250dce0/f5531033487b698f?#f5531033487b698f

"Since the subnet mask depends only on the received IP it uses the old
class rules. So if it gets a 192.168.x.y address it uses a 24-bit
mask. If it gets a 10.x.y.z address it uses an 8-bit mask."

The problem arises when I establish an additional VPN connection to
any 10.x.y.z/24 subnet, for example, 10.88.1.0/24. The only network
that is accessible is the first. I need a way to convey to Windows
that in fact the remote network is not a /8, it is a /24, so that both
networks are accessible over VPN concurrently.

For each connection, the "use default gateway" option is unchecked.
It doesn't appear that there are any other significant connection
options for the routing of a VPN connection.

Does anyone know of a way to make this work?

.

Follow-Ups:
- Re: VPN Client Incorrect Netmask (Vista -> Win2K3)
  - From: Bill Grant

Prev by Date: 2003 server sessions management window has both ip addresses and n
Next by Date: No network provider accepted the given network path.
Previous by thread: 2003 server sessions management window has both ip addresses and n
Next by thread: Re: VPN Client Incorrect Netmask (Vista -> Win2K3)
Index(es):
- Date
- Thread

Relevant Pages

Re: Help VPN SBS2k3 error 871 & 800
... Error Message: VPN Connection Error 800: Unable to Establish Connection ... > PPTP can be used with a variety of Microsoft clients including Windows ... > your network administrator or read your corporate security policy. ... > establish security associations with servers that are located behind ...
(microsoft.public.backoffice.smallbiz2000)
Re: Remote Admin on a XP Pro client behind a NAT
... Thanks Doug. ... I'll try posting in the windows server group to see if the folks ... Per user Group Policy Restrictions for XP Home and XP Pro ... I have setup a VPN connection on a test machine and I can use ...
(microsoft.public.windowsxp.security_admin)
RE: VPN Connection from Vista
... specific Windows Vista client or all Windows Vista machines? ... Do you use L2TP-IPsec VPN connection behind NAT on Vista ... Microsoft Online Partner Support ...
(microsoft.public.isa)
RE: Strange results with Netmeeting over SBS 2003 VPN
... Which VPN clients software was used to set up the VPN connection. ... NetMeeting Issues That May Occur If You Use the Cisco Virtual ... Private Network Client ... 878451 How to turn on the Remote Desktop Sharing feature of Windows ...
(microsoft.public.windows.server.sbs)
Re: Cached Credentials
... I have a salesman who is going to be working from home, VPN connection ... Client is Windows XP sp2, domain is Windows 2003 R2, He has been ... able to login with no direct contact with the DC.. ... How can I set this up, I am trying to avoid him logging in locally. ...
(microsoft.public.windows.server.active_directory)