Solved

VPN users cannot access subnets

Posted on 2004-08-19
5
169 Views
Last Modified: 2010-04-12
Background:
We have a network that consist of two subnets 192.168.0.x and 192.168.1.x.  Cisco routers at the 0.1 and 1.1 positions.  The firewall is managed by the ISP as are the routers.  We are in the process of moving our servers and users from the 0.x to the 1.x network (the 1.x is a new building location).  We are using RRAS on the 0.x and our users would VPN in and are able to access all network resources - including those that we had moved to the 1.x network (exchange server).

The VPN server has an external IP address that is mapped on the ISP's routers.

Problem:
We just moved the RRAS server to the 1.x network (picked it up, moved down the block, changed the IP address and turned it back on, ISP changed the external mapping to reflect new internal IP address)- our users can still VPN in with no problem - HOWEVER they can no longer access anything by name.  The DNS server is located on the 0.x network.  They can PING all addresses on the 1.x network - but cannot ping anything on the 0.x network.  The RRAS server can ping the entire network.  In addition, they can no longer "surf" the web if they are connected to the VPN server.

Our ISP has done everything they can and declares that there is nothing at the routers (0.1 and 1.1) or firewall that could be blocking this.  We have since reinstalled RRAS on that server using the old settings and reinstalled using the default settings and still no luck.  

HELP!!
0
Comment
Question by:blackghosts
5 Comments
 
LVL 36

Accepted Solution

by:
grblades earned 500 total points
ID: 11841187
I would check that you have the correct routing defined on the router and the RRAS server.
In particular if the RRAS server allocates IP addresses to the remote clients make sure the routing for this network range is correct.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12154529
Are you still working this? Do you need more information?

0
 

Author Comment

by:blackghosts
ID: 15242478
Yes the information helped - I simply had forgotten that we posted the question until our new one posted today.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

One of the Top 10  common Cisco VPN problems are not-matching shared keys. This is an easy one to fix, but not always easy to notice, see the case below. A simple IPsec tunnel between fast Ethernet interfaces of routers SW1 (f1/1) and R1(f0/0). …
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now