Re: VPN connection can't route to lan
- From: "Doug Leece" <dleece@xxxxxxxxxxxx>
- Date: Tue, 12 Apr 2005 00:09:21 -0600
Hi Bill thanks for the help here.
Yes the two networks in question are on different subnets. I can't access
any other network devices on the network hosting the the SBS/RAS server via
netbios or tcpip just resources on the SBS. From the VPN client I can ping
192.168.100.151 and 100.12 as well as pinging the SBS by netbios name. I
would have thought that all traffic for the 192.168.100.0/24 network would
be considered local to the 192.168.100.12 and 192.168.100.151 interfaces.
Both addresses are pingable from inside the 192.168.100.0/24 network so
shouldn't the PPTP address given by the DHCP server, 146 in this case with
a route to 151, just pass through 151 to get to the local area ?
Here is the server config:
Windows IP Configuration
Host Name . . . . . . . . . . . . : cgy-sbs
Primary Dns Suffix . . . . . . . : MAXGP.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : MAXGP.local
PPP adapter RAS Server (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.100.151
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
Connection
Physical Address. . . . . . . . . : 00-11-43-5A-AA-D6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.100.12
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.100.254
DNS Servers . . . . . . . . . . . : 192.168.100.12
Primary WINS Server . . . . . . . : 192.168.100.12
Ethernet adapter Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
Connection #
2
Physical Address. . . . . . . . . : 00-11-43-5A-AA-D7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Autoconfiguration IP Address. . . : 169.254.96.74
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
Primary WINS Server . . . . . . . : 192.168.100.12
NetBIOS over Tcpip. . . . . . . . : Disabled
Here is the vpn client config:
Windows IP Configuration
Host Name . . . . . . . . . . . . : dadxp1
Primary Dns Suffix . . . . . . . : skymail.ca
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : skymail.ca
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 3Com EtherLink III ISAPNP
Ethernet A
dapter (Generic 3C509b)
Physical Address. . . . . . . . . : 00-60-08-2F-A0-49
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.60.11
Subnet Mask . . . . . . . . . . . : 255.255.255.224
Default Gateway . . . . . . . . . : 192.168.60.1
DNS Servers . . . . . . . . . . . : 192.168.60.1
192.168.60.6
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : 3Com 3C905TX-based Ethernet
Adapter
(Generic)
Physical Address. . . . . . . . . : 00-C0-4F-81-5C-35
PPP adapter be:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.100.146
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 192.168.100.146
DNS Servers . . . . . . . . . . . : 192.168.100.12
Primary WINS Server . . . . . . . : 192.168.100.12
Here are the known routes on the server:
C:\Documents and Settings\Administrator>netstat -rn
IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10002 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
0x10003 ...00 11 43 5a aa d6 ...... Intel(R) PRO/1000 MT Network Connection
0x160004 ...00 11 43 5a aa d7 ...... Intel(R) PRO/1000 MT Network Connection
#2
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.100.254 192.168.100.12 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
142.179.156.47 255.255.255.255 192.168.100.254 192.168.100.12 1
169.254.0.0 255.255.0.0 169.254.96.74 169.254.96.74 10
169.254.96.74 255.255.255.255 127.0.0.1 127.0.0.1 10
169.254.255.255 255.255.255.255 169.254.96.74 169.254.96.74 10
192.168.59.10 255.255.255.255 192.168.100.254 192.168.100.12 1
192.168.100.0 255.255.255.0 192.168.100.12 192.168.100.12 10
192.168.100.12 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.100.146 255.255.255.255 192.168.100.151 192.168.100.151 1
192.168.100.151 255.255.255.255 127.0.0.1 127.0.0.1 50
192.168.100.255 255.255.255.255 192.168.100.12 192.168.100.12 10
192.168.200.0 255.255.255.0 192.168.100.12 192.168.100.12 1
224.0.0.0 240.0.0.0 169.254.96.74 169.254.96.74 10
224.0.0.0 240.0.0.0 192.168.100.12 192.168.100.12 10
255.255.255.255 255.255.255.255 169.254.96.74 169.254.96.74 1
255.255.255.255 255.255.255.255 192.168.100.12 192.168.100.12 1
Default Gateway: 192.168.100.254
===========================================================================
Persistent Routes:
None
C:\Documents and Settings\Administrator>
"Bill Peng [MSFT]" <v-bpeng@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:srGwhOmPFHA.3136@xxxxxxxxxxxxxxxxxxxxxxxx
> Hi Doug,
>
> Thank you for posting here.
>
> Please let me know whether you're able to access computers via \\IPAddress
or \\NetBIOS name.
>
> Please check the network subnets:
>
> 1. Remote local subnet.
> 2. Corporate LAN subnet.
>
> The above networks should not be on the same subnet. For example, if the
Corporate LAN is 192.168.0.x, the Remote local subnet should be on
> different subnet. (192.168.1.x as an example)
>
> Please configure the network connections and check whether the problem
persists. If the problem is not able to be resolved, please post the
> following info back:
>
> 1. Establish VPN connection to the SBS Server.
> 2. From the SBS Server, post the following commands' output:
> IPconfig /all
> Route print
> 3. From the remote computer, post the output of the above commands as
well.
>
> I hope the above info helps.
>
> Any update, let's get in touch.
>
> Bill Peng
> MCSE 2000, MCDBA
> Microsoft CSS Online Newsgroup Support
>
> Get Secure! - www.microsoft.com/security
> =====================================================
> When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
> =====================================================
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
>
> --------------------
> >From: "Doug Leece" <dleece@xxxxxxxxxxxx>
> >Subject: VPN connection can't route to lan
> >Date: Sat, 9 Apr 2005 17:55:09 -0600
> >Lines: 26
> >Organization: Newnet21
> >X-Priority: 3
> >X-MSMail-Priority: Normal
> >X-Newsreader: Microsoft Outlook Express 6.00.2800.1106
> >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
> >Message-ID: <O00kw4VPFHA.3336@xxxxxxxxxxxxxxxxxxxx>
> >Newsgroups: microsoft.public.windows.server.sbs
> >NNTP-Posting-Host: s142-179-157-194.ab.hsia.telus.net 142.179.157.194
> >Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09.phx.gbl
> >Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:109900
> >X-Tomcat-NG: microsoft.public.windows.server.sbs
> >
> >Hi All,
> >I have rerun the RRAS wizard a dozen times, tried various manual
> >modifications and yet this problem persists. I have a single NIC SBS
server
> >and we use a firewall to forward TCP/1723 and GRE to the private SBS
> >address. The connection works great and I can access anything on the
> >SBS/RRAS server without a problem. What i can't do is connect to any
other
> >servers on the LAN, even though they are all on the same /24 subnet. The
> >remote VPN clients do pick up an address in the private /24 and the other
> >servers in the network can contact the IP address known as "internal" in
the
> >RRAS manager window. I have enabled/disabled LAN routing with no effect.
I
> >don't have IPSEC enabled or disabled, just the default DEL SBS install.
> >
> >I have this same setup working at two other sites with no issues, it was
> >almost too easy :-) I have compared configs and see nothing different.
The
> >only change is the other two sites used SBS 2003 from MS but this new
site
> >uses the SBS media from Dell. It looks lie the packets never leave the
SBS,
> >I used TCP dump and specific port to sniff for this on the private LAN.
> >
> >Any ideas would be greatly appreciated, we need VPN to access a couple of
> >internal serves, remote workplace on it's own is not enough
unfortunatly.
> >
> >Thanks in advance.
> >Doug Leece
> >Calgary Alberta
> >
> >
> >
>
>
.
- Follow-Ups:
- Re: VPN connection can't route to lan
- From: Bill Peng [MSFT]
- Re: VPN connection can't route to lan
- References:
- VPN connection can't route to lan
- From: Doug Leece
- RE: VPN connection can't route to lan
- From: Bill Peng [MSFT]
- VPN connection can't route to lan
- Prev by Date: Re: BizTalk Server still free to Premium owners?
- Next by Date: Re: OWA Premium Client Page not loading completely.
- Previous by thread: RE: VPN connection can't route to lan
- Next by thread: Re: VPN connection can't route to lan
- Index(es):
Relevant Pages
|
