[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 256
  • Last Modified:

Internal clients cannot access Internet when VPN client is connected

We have a Windows 2003 Server running ISA Server 2000 with routing and remote access configured to accept VPN connections.

There is no problem connecting to the network with the VPN client except that once connected the clients on the internal side of the network can no longer access the internet.

As a side note, this "lockup" also freezes the ISA server until such time that the VPN client disconnects.

Once the VPN client has disconnected, all functions return to normal.

This is a dual-homed server utilizing static-ip addressing for the VPN clients.

Any help is most appreciated.
0
BHHanley
Asked:
BHHanley
  • 4
  • 3
1 Solution
 
Tim HolmanCommented:
You need to setup split tunnelling.  This means that the VPN tunnel will only encrypt traffic to and from the remote network, rather than trying to send everything (inc. HTTP) down the same connection.
The 'use default gateway on remote network' tickbox under TCP/IP / Advanced settings is the box that enables/disables split tunnelling.
0
 
Tim HolmanCommented:
This article should fill in the gaps -

http://www.isaserver.org/tutorials/vpnclientsecurity2.html
0
 
BHHanleyAuthor Commented:
I apologize for the delay in responding. The above article did not resolve my situation.

I have asked for this question to be closed.

0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
Tim HolmanCommented:
Bhanley - how did you fix it ?
0
 
BHHanleyAuthor Commented:
See the question.
0
 
Tim HolmanCommented:
> See the question.

Sorry - I can't see anywhere how you've resolved this.  This information could be of use to others out there...  :)
0
 
BHHanleyAuthor Commented:
The solution lies in the fact that the VPN client must access the Internet via the local proxy server (in this case the ISA server). The VPN must setup it's Internet connection as a dial-up rather than a LAN connection even though it is accessing the local network via the LAN. This forces the client to use the ISA servers' Internet connection and not the ISP providers connection that the VPN is using to access the local network to surf the internet.

0
 
RomModCommented:
The question has been PAQ'd and the 500 points have been refunded.
RomMod
Community Support Moderator
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now