Static routes for RAS clients

I admin a network set up in two segments:  192.168.5.x containing windows servers and clients and 192.168.6.x containing unix servers.  This works fine for everyone in the office since the default gateway is the main router.  However remote clients have the "Use default gateway on remote network" unchecked in the VPN TCP/IP properties to maintain internet access.  This means that whilst the RAS server gives out a route for the 192.168.5.x destination (router set as the ip of the client) there is no route to 192.168.6.x.

I've tried to fix this by adding a 033 static route option to the DHCP server providing the lease to the VPN client to map dest. 192.168.6.0 to router 192.168.5.1 which works when added to a client manually.  However the DHCP server doesn't seem to push this option out - or if it does the client won't pick it up (or the RAS server doesn't pass this option along).

If you know of a way to solve this by whatever means, that would be great.
shildrewAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

victorbxCommented:

both networks connected directly to the router ?

where the ras is sitting ?

what kind of vpn/dhcp  ?


victor
0
victorbxCommented:

both networks connected directly to the router ?

where the ras is sitting ?

what kind of vpn/dhcp  ?


victor
0
svenkarlsenCommented:
Have you tried adding the static route for 192.168.6.x. to the RAS Server ?
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

shildrewAuthor Commented:
victorbx -
both network segments are connected directly to a cisco router.  the ras is sitting on the windows (5.x) network (& is not the router).  
The VPN is a Win2000 Routing and Remote access PPTP connection which happens to use EAP authentication (which I doubt is relevant).  
The DHCP is a standard win2000 DHCP server located on a different windows server than the RAS software.

svenkarlsen -
haven't tried that yet, i'll give that a shot it seems somewhat easier than messing around with DHCP options.
0
svenkarlsenCommented:
Have you tried adding the static route for 192.168.6.x. to the RAS Server ?

No need to try it (-----^------), - it would be illogical if it worked ;-)

The route must be added at the client, as the client use the global route 0.0.0.0, so it's probably better to focus on your DHCP server again.

0
svenkarlsenCommented:
Sorry for my slow thinking, - here's the solution/explanation:

Remember that using DHCP in connection with RAS means that RAS will optain and administer the DHCP leases, but no info is actually send to the RAS clients.

In order for DHCP info to be made available to RAS clients (DOmain name, etc.), you will need to enable the DHCP Relay Agent in RAS.  - please see:

http://support.microsoft.com/default.aspx?scid=kb;en-us;232703
0
shildrewAuthor Commented:
Thanks for yoru suggestion svenkarlsen.

I've made a minor modification but I'm not sure it will help.  The DHCP relay was already enabled but didn't have any IP addresses explicitly specified.  I would assume this meant it would broadcast the request but I'll check and find out.  

The ras clients however have always shown up in the dhcp servers lease list - is this trickery on the part of the ras?  I have now established that my local clients pick up the 033 static route option and add it appropriately which means that it is something to do with the remote access clients/server rather than my dhcp server configuration.

I'll check out this explicit server ip configuration in the hope that it works.

Thanks for your help so far!

Simon
0
svenkarlsenCommented:
Re: DHCP & RAS.

Yes, - RAS does 'cheat' - it takes out a lease of 10 addresses from the DHCP, but it administers them and they are not actually acquired by the RAS clients. Or you could say: it simply asks the DHCP for 10 addresses to populate it's address pool, but it is still the principles of 'RAS address pool' that is used.

When you use the DHCP Relay Agent, the RAS will still perform this process, but clients may receive info from the DHCP server by DHCPINFORM packets. DNS and WINS info received this way will override anything  obtained from the RAS.


P.S. Remember to configure an interface as 'Internal' for the DHCP Relay Agent at the RAS........
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
shildrewAuthor Commented:
Right, it seems to be working now - I made a further modification today which makes a lot of sense in retrospect.  It turns out that the DHCP Relay agent wasn't working properly.  Although it appeared to be configured correctly there were two interfaces called 'Internal' and the wrong one was added to the agent.  I added the other one instead and it is now happily relaying packets to my vpn clients.

Thanks for all your help guys, especially svenkarlsen who put me onto the right traacks in solving this and who has to get the points.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 2000

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.