VPN SETUP QUESTION! 500 points!

Hello,

I am trying to setup a VPN and need some help with the IP subnet configuration.  Under the IP tab in the Routing and Remote Access area, I assigned some static IP's for the VPN clients to use.  The range is 192.168.2.10 to 192.168.2.20.  Now the IP address of the server is 192.168.1.21.  Now when I connect to the VPN from a different client computer, I try to ping the server IP 192.168.1.21 but it times out probably since its on a different subnet.  

Can someone please help me figure this out?

The reason I am doing all this is because many clients on the LAN could not access their pop and smtp emails after someone logged onto the VPN.  Many people said that I had to assign IP addresses on different subnets to solve the problem.

Thanks
NAPSRAsked:
Who is Participating?
 
mikeleebrlaConnect With a Mentor Commented:
what are your subnet masks,, without knowing your subnet masks it is impossible to tell you if they are on the same subnet or not.

Also, don't listen to whoever told you about the reason the clients couldn't connect to their POP/SMTP server anymore after connecting to the VPN b/c they dont know what they are talking about.  

The root cause of your problem is that by default the windows VPN client has "use gateway of remote network" checked.  When this is checked remote clients aren't able to get out to the internet (since their gateway has been changed by the VPN connection).  To change this go to this link and check out step 9.  it will tell you how to disable "use gateway of remote network"

you never mentioned what VPN client you are using, so im assuming its windows
0
 
NAPSRAuthor Commented:
Can you please see the post below:

http://www.experts-exchange.com/Networking/Q_21397979.html


Thanks
0
 
mikeleebrlaCommented:
so basically this is a duplicate question?  which is against the member agreement b/c it causes confusion for everyone?
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
NAPSRAuthor Commented:
If no one answers my original question, what am I supposed to do but post another one?
0
 
mikeleebrlaCommented:
have you ever heard of reinventing the wheel???  if you have the same situation and have the same people look at it, you will get the same results here as you did in the first forum.  that is why you aren't supposed to post duplicate questions!!!!

what is the point of posting another question (in the same TA i might add) and then simply referring me right back to the original question??? which one am i supposed to post in??? again, that is why duplicate questions aren't allowed.
0
 
NAPSRAuthor Commented:
There is no need to be rude about it!!!!!!!!!!!!!!!!

I am a beginner at this so I am learning.  In the future, don't bother answering any of my posts!!!!!

I will go ahead and give you the points for the first reply.
0
 
MrArubaCommented:
man o man, mikey is really grumpy today.
0
 
purplepomegraniteCommented:
If you are using RRAS on Windows 2003 (or 2000) to handle your VPN, it should be distributing an IP address using your LAN subnet, not another subnet.  if it distributes an IP address for another subnet, all your VPN client will see is the server - and this is assuming that the server has been given an IP address on the VPN range, otherwise the client won't even see the server.

There is a fundamental difference between using RRAS to allow remote access and creating a VPN between two networks (which would require different subnets to allow the routing to work).

Your RRAS server should be obtaining addresses from your DHCP server for distribution to VPN clients.  All your LAN clients should also be obtaining IP addresses from this server, so there is no chance that an IP address will be issued twice (unless you are not using Windows DHCP, or are using static IPs on some machines).

It is very strange that a client dialling into your network should affect users on your LAN.  It would imply that RRAS is treating the connection as a demand-dial interface, not a VPN.  Without more information, I am not sure what would be causing this.

The "Use default gateway on remote network" will only affect the VPN client, it will categorically not affect any LAN clients.  The LAN clients will always use the default gateway given them by their DHCP server.

What I would suggest you do is disable routing and remote access and recreate it from scratch.  Before recreating it, ensure your DHCP server is correctly configured on your LAN and that all clients are set to DHCP.  Then when you reinstall RRAS, it will be automatically configured to obtain addresses from the DHCP server - you won't have to exclude ranges, or anything like that.  Configure the DHCP server for a single range (e.g. 192.162.1.x) - DO NOT declare extra subnets.

If there is any information missing from your description (e.g. there is another DHCP server on the network), then please post it here.
0
 
purplepomegraniteCommented:
Sorry, am now watching the other question thread...
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.