Solved

VPN Server on win2003 using linksys wrt54g router

Posted on 2004-08-21
9
368 Views
Last Modified: 2013-11-30
Hi,

I just finished setting up a vpn server on win2003 server which i forwarded ip address of from linksys wrt54g router.  I tried getting in from home using my win2k pc and it says connected. I also went in via vnc to check the routing and remote access manager on that server and i can see my ip address and pc logged in thru one of the vpn ports so connection definately made but for some reason cannot see network or ping the vpn server.  I noticed after ipconfig that my home pc's vpn address had different subnet mask then remote network i was trying to access.  I think this is most likely my problem but don't know how to change that since vpn is set up to give out addresses using existing DHCP server which is also on same vpn server.  Any suggestions?  Thanks.
0
Comment
Question by:eservando
9 Comments
 
LVL 9

Expert Comment

by:jamesreddy
ID: 11862019
In most cases, the router itself can be adjusted to provide the correct settings to VPN clients.  In the case of Windows 2003 Server, I believe you need to set up a static route in RRAS to allow incoming VPN connections to access the interior network.

The following article (Windows 2000 but shoulkd still be applicable to Win2K3) should provide a decent overview of all the steps needed to accomplish this.  The steps might not be verbatum, but generally, this should work.

http://www.jsiinc.com/SUBI/tip4200/rh4234.htm

Microsoft has a pretty good resource for figuring this one out as well:

http://www.microsoft.com/resources/documentation/WindowsServ/2003/all/deployguide/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/all/deployguide/en-us/dnsbf_vpn_overview.asp

Hope that helps!

James
0
 
LVL 37

Expert Comment

by:bbao
ID: 11863036
could you please give us the nework topology and its IP addressing schema at here?
0
 

Author Comment

by:eservando
ID: 11864177
Hi,
thanks for info will check those sites out.  As far as network topology and ip addressing, the internal network has the common 192.168.1.1 for linksys router and remaining clients get dhcp from same server 192.168.1.3 static which is the vpn server.  I had read that generally you need to have 2 nic cards.  1 for inbound access from internet clients and 2nd card which is attached to internal network.  In my case, i thought i don't need that coz linksys is the gateway from internet which forwards vpn clients to static 192.168.1.3 vpn server which is also attached to rest of internal network.  What doesn't make sense is that i can see my ip address once i'm authenticated by domain controller since i also go in through vpn to view routing and remote access manager i see this under the active ports.  I would think that once i'm in and can also see vpn statistics from vpn connection icon, the problem would be coz the subnet is 255.255.255.255 for vpn connection instead of 255.255.255.0 of internal network.  My question goes back again to where i can edit this setting since everything else looks good since connection is established just can't ping addresses coz of subnet difference.  Thanks again.
0
Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

 
LVL 37

Expert Comment

by:bbao
ID: 11864271
it might be a bad news to you but anyway it is worth to read and will save a lot of time! regards, bbao
http://www.experts-exchange.com/Networking/Broadband/VPN/Q_20820844.html
0
 
LVL 1

Expert Comment

by:techi03
ID: 11864717
what ip range are u getting on the client?
did u setup the VPN server to handout addresses from the DHCP pool or static pool?
setup a seperate ip pool on the VPN that is not in the range of the DHCP.
or then select the DHCP option.

www.guidescentral.com
guides>>internet>>VPN guides
0
 
LVL 4

Expert Comment

by:sriwi
ID: 11866567
It looks like that you are not assigning your IP address from the DHCP pool as your internal network, therefore you got different address.

Re-run the RRAS service again, and make sure that you are using the same DHCP pool/range as what the your internal network are.

Hope this helps.

Cheers
0
 

Author Comment

by:eservando
ID: 11877684
Hi,

figured it out for myself actually.  As i was mentioning, since i'm authenticated and could see my ip address through a VNC session, i really felt strongly tha it had something to do with my ip address conflicting in some way with remote network since we both have same addresses.  I simply changed my client ip address to static of 192.163.1.9 and everything was accessible on network.  Ironically enough, i read later on by pure accident that this is a tcpip limitation and that you do indeed have to have different addresses or else you can't see network even tho' you've negotiated a successful vpn session.  Thanks for all the advice.  Learned a lot from them.
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 12602054
PAQed with points refunded (500)

modulo
Community Support Moderator
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question