Solved

VPN Client can't see IP on local network

Posted on 2004-04-18
4
697 Views
Last Modified: 2010-03-18
Help,

I am using a Pix 506 to terminate client VPN tunnels. I set this up on three other remote users with good success.  I set the fourth user up and he can't see the resources on the inside after the VPN connection is completed. I am using the MS XP VPN client. I can connect to the Pix 506 and received an IP from the Pix IP pool. (Inside IP are 10.0.0.x and VPN pool is 192.168.1.X) I checked my VPN connection with IPCONFIG and then tried to Ping a 10.0.0.x address--no go. I have enough DHCP leases in my pool.  It looks like this client is set up the same as the others. I am stumped.

GMDwb
0
Comment
Question by:GMDwb
4 Comments
 
LVL 11

Expert Comment

by:infotrader
ID: 10857416
What IP address range does the Remote client have.  If his NIC card has an IP address of 192.168.1.X or 10.0.0.X, then you'd have a routing problem.

- Info
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 10859764
Take a look at the routing table on the VPN client (route print at command line) and make sure there is a route to the 192.168.1.x network out the VPN interface.  Is the client using the 192.168.1.x network on its local LAN?  Make sure they aren't using that network locally.  Do you have a static route to the 10.0.0.x network setup on the local client?
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 10860231
Infotrader and JFrederick29 both have brought up a good point.
If the user's local LAN = 192.168.1.x (because he/she is behind a broadband router for instance), then this is the problem with no simple workaround other than to change either the VPN pool or the user's local LAN subnet.
If this is not the case, do you have the box "use default gateway on remote network" checked in the client Network/TCP/IP properties? If it is not checked, then you will have to create a static route, or check it.

0
 

Author Comment

by:GMDwb
ID: 10862553
4 hours of fighting the VPN and it was one little check box "use default gateway on remote network."    Thanks lrmoore

GMDwb
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question