Re: Server 2003 RRAS Routing
- From: "Myxx" <Myxx@xxxxxxx>
- Date: Mon, 4 Aug 2008 17:25:48 -0700
Thanks Bill. I appreciate your input and feedback.
All clients are remote, in that they are all home users. I did indeed
disable the "use default gateway" switch, mostly for bandwidth reasons at
the main site. I didn't want all Internet traffic going through the VPN and
then back out the corporate Internet. At the time, it seemed the lesser of
two evils.
As it stands, my only solution has been to assign static IPs through AD
dial-in permissions, then write a script for each user that adds the remote
route based on the assigned IP. Not a wonderful solution, but since I also
have to have them map drives, I guess it's not such a terrible hassle to add
that in.
Out of curiosity, how do I enable Internet routing through RRAS? I know
that's a newbie question, but I'm somewhat of a newbie to RRAS. Unless I
disable that switch, users get no internet at all, only access to the
corporate systems.
Thanks,
Myxx
"Bill Grant" <not.available@online> wrote in message
news:u2sflqE9IHA.2332@xxxxxxxxxxxxxxxxxxxxxxx
"Myxx" <Myxx@xxxxxxx> wrote in message
news:0NLkk.2436$3l5.1811@xxxxxxxxxxxxxxx
Hey Windows Server community,
Got a quick one to run by you all. Thanks for taking the time to read
through it, and for any responses.
I've got a 2-site organization. Each site has independent Internet T1,
as well as an MPLS T1 joined by 2 Cisco routers. All devices inside the
network use the MPLS routers as their default gateways. So, no problem
with talking back and forth. All that is fine.
Where I have a problem is with static routes through RRAS.
The RRAS server (for PPTP VPN connections) is in one office at
hypothetical IP 10.0.0.3, and its gateway is the MPLS router at
hypothetical 10.0.0.5. So no problems with routing there.
The remote office server is on IP 192.0.0.2, with a gateway of 192.0.0.5,
the MPLS router.
Users in each office can connect to local and MPLS connected systems
without a problem. However, when any user attempts to connect to the
VPN, they only get routes for the subnet local to the RRAS server.
Though I have created static routes in the RRAS configuration area, those
routes aren't propagated out to the client.
I can do manual 'route add' to get the routes to the clients, using the
PPP interface as the gateway, but that's a lame solution, that doesn't
really scale, especially to a non-technical audience. And I don't want
to create post-vpn connection batch files they have to run each time.
However, when I add the routes manually, all traffic can get through, and
all servers are accessible. So it's not a routing problem per se, it's a
static route problem.
Any thoughts out there as to why this might be happening, and what I can
do to get it working?
Thanks!
Where are the remote clients? Are they connecting from outside (i.e. not
in either site)?
You should not need any routes on the client. By default it will send
all traffic through the VPN connection (unless you disable the "use
default gateway...." switch). If you disable that it will only send subnet
traffic through the tunnel for the subnet matching the received IP.
If you have disabled that switch you are on your own. You cannot
pre-configure routes because there is no address you can use as the
gateway address (since this isn't allocated until the VPN connection is
made). In RRAS you can use a demand-dial interface, but that doesn't exist
in the client OS.
The only viable solution is to have a script which runs when the client
connects. The script would need to get the IP address of the connection
and plug it into the route commands.
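
The connect-time script described in the reply above, as an added example that is not part of the original thread: it reads the address assigned to the VPN connection and uses it as the gateway for the remote-site route, keeping the split-tunnel setup intact. The connection name `Corp VPN`, the /24 mask, and a current Windows client with the NetTCPIP cmdlets are assumptions; 192.0.0.0 is the thread's hypothetical remote office. Run it elevated after the connection is up.

```powershell
# Added example, not from the thread. Assumed: connection name and subnet mask.
param(
    [string]$VpnName = 'Corp VPN'    # assumed name of the PPTP connection
)

# Networks that must go through the tunnel. List only the corporate subnets;
# 192.0.0.0 is the thread's hypothetical remote office, the mask is assumed.
$Routes = @(
    @{ Network = '192.0.0.0'; Mask = '255.255.255.0' }
)

# The tunnel address only exists while the connection is up, which is why
# the route cannot be configured ahead of time.
$addr = Get-NetIPAddress -InterfaceAlias $VpnName -AddressFamily IPv4 `
            -ErrorAction SilentlyContinue | Select-Object -First 1
if (-not $addr) {
    Write-Error "VPN connection '$VpnName' is not up; no routes added."
    exit 1
}
$gateway = $addr.IPAddress
Write-Host "VPN address for '$VpnName' is $gateway"

foreach ($r in $Routes) {
    # Refuse a default route: it would send all Internet traffic through the
    # tunnel, undoing the "use default gateway" decision made on the client.
    if ($r.Network -eq '0.0.0.0') {
        Write-Warning 'Skipping default route entry.'
        continue
    }

    # Drop any route left over from an earlier session with a different
    # assigned address, then add the route for this session.
    # No -p switch: the route must not persist past this connection.
    & route.exe delete $r.Network mask $r.Mask | Out-Null
    & route.exe add $r.Network mask $r.Mask $gateway metric 1
}

# Show what is now routed over the VPN interface so the result can be checked.
Get-NetRoute -InterfaceAlias $VpnName -AddressFamily IPv4 |
    Format-Table DestinationPrefix, NextHop, RouteMetric -AutoSize
```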