I've recently set up a Linux Firewall/Gateway machine for my network. It is using the current netfilter/iptables firewall software. In addition, it functions as a PPTP VPN server. I have succeeded in setting up the VPN server to allow connections from both an isolated wireless network and from the networks outside of the firewall. Properly authenticating allows the user access to the internal network behind the firewall. The ideal situation for us is to be able to operate from outside the network as if we were actually on the network.
When the "use remote network's default gateway" checkbox is off, I can connect to the VPN and access clients on the network (192.168.2.0/24) and browse the web through my normal internet connection (not the VPN tunnel...I don't want to route all traffic through the tunnel, just "local" network traffic). But I cannot access systems on another network (192.168.0.0/24) without manually adding a route on the windows machine. Unfortunately, this route is lost when the VPN is disconnected.
If the "use remote network's default gateway" checkbox is on, I can connect to any machine just as though I was on the internal network (except browsing the internet is very slow since it goes through the tunnel).
How can I make this easier for those connecting to the VPN (Win Xp clients)? I would rather not make them run the "route ADD..." in windows every time, and it would be too slow to route all traffic through the tunnel by setting the Default Gateway to the remote network. Is there some way to dynamically set routes on the connecting VPN client using PPPD or PPTPD settings on the server side? Here is the command that allows my VPN client to see other remote machines outside the immediate network:
route ADD 192.168.0.0 MASK 255.255.255.0 192.168.2.1 METRIC 20 IF 0x130004
I can post more information at any time if it would help.
Thanks in advance,