Solved

VPN Server on win2003 using linksys wrt54g router

Posted on 2004-08-21
9
362 Views
Last Modified: 2013-11-30
Hi,

I just finished setting up a vpn server on win2003 server which i forwarded ip address of from linksys wrt54g router.  I tried getting in from home using my win2k pc and it says connected. I also went in via vnc to check the routing and remote access manager on that server and i can see my ip address and pc logged in thru one of the vpn ports so connection definately made but for some reason cannot see network or ping the vpn server.  I noticed after ipconfig that my home pc's vpn address had different subnet mask then remote network i was trying to access.  I think this is most likely my problem but don't know how to change that since vpn is set up to give out addresses using existing DHCP server which is also on same vpn server.  Any suggestions?  Thanks.
0
Comment
Question by:eservando
9 Comments
 
LVL 9

Expert Comment

by:jamesreddy
Comment Utility
In most cases, the router itself can be adjusted to provide the correct settings to VPN clients.  In the case of Windows 2003 Server, I believe you need to set up a static route in RRAS to allow incoming VPN connections to access the interior network.

The following article (Windows 2000 but shoulkd still be applicable to Win2K3) should provide a decent overview of all the steps needed to accomplish this.  The steps might not be verbatum, but generally, this should work.

http://www.jsiinc.com/SUBI/tip4200/rh4234.htm

Microsoft has a pretty good resource for figuring this one out as well:

http://www.microsoft.com/resources/documentation/WindowsServ/2003/all/deployguide/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/all/deployguide/en-us/dnsbf_vpn_overview.asp

Hope that helps!

James
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
Comment Utility
could you please give us the nework topology and its IP addressing schema at here?
0
 

Author Comment

by:eservando
Comment Utility
Hi,
thanks for info will check those sites out.  As far as network topology and ip addressing, the internal network has the common 192.168.1.1 for linksys router and remaining clients get dhcp from same server 192.168.1.3 static which is the vpn server.  I had read that generally you need to have 2 nic cards.  1 for inbound access from internet clients and 2nd card which is attached to internal network.  In my case, i thought i don't need that coz linksys is the gateway from internet which forwards vpn clients to static 192.168.1.3 vpn server which is also attached to rest of internal network.  What doesn't make sense is that i can see my ip address once i'm authenticated by domain controller since i also go in through vpn to view routing and remote access manager i see this under the active ports.  I would think that once i'm in and can also see vpn statistics from vpn connection icon, the problem would be coz the subnet is 255.255.255.255 for vpn connection instead of 255.255.255.0 of internal network.  My question goes back again to where i can edit this setting since everything else looks good since connection is established just can't ping addresses coz of subnet difference.  Thanks again.
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
Comment Utility
it might be a bad news to you but anyway it is worth to read and will save a lot of time! regards, bbao
http://www.experts-exchange.com/Networking/Broadband/VPN/Q_20820844.html
0
Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

 
LVL 1

Expert Comment

by:techi03
Comment Utility
what ip range are u getting on the client?
did u setup the VPN server to handout addresses from the DHCP pool or static pool?
setup a seperate ip pool on the VPN that is not in the range of the DHCP.
or then select the DHCP option.

www.guidescentral.com
guides>>internet>>VPN guides
0
 
LVL 4

Expert Comment

by:sriwi
Comment Utility
It looks like that you are not assigning your IP address from the DHCP pool as your internal network, therefore you got different address.

Re-run the RRAS service again, and make sure that you are using the same DHCP pool/range as what the your internal network are.

Hope this helps.

Cheers
0
 

Author Comment

by:eservando
Comment Utility
Hi,

figured it out for myself actually.  As i was mentioning, since i'm authenticated and could see my ip address through a VNC session, i really felt strongly tha it had something to do with my ip address conflicting in some way with remote network since we both have same addresses.  I simply changed my client ip address to static of 192.163.1.9 and everything was accessible on network.  Ironically enough, i read later on by pure accident that this is a tcpip limitation and that you do indeed have to have different addresses or else you can't see network even tho' you've negotiated a successful vpn session.  Thanks for all the advice.  Learned a lot from them.
0
 

Accepted Solution

by:
modulo earned 0 total points
Comment Utility
PAQed with points refunded (500)

modulo
Community Support Moderator
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now