Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

VPN Issues

Posted on 2006-06-01
13
Medium Priority
?
313 Views
Last Modified: 2010-03-19
Hi,

I am trying to VPN from my home PC onto a remote work PC, I have successfully added a VPN connection which verifies and logs me on the remote PC, however I am unable to see the network, at home I have a Netgear  DG834G Wireless router which I believe is causing my problem, but not being a network bod have tried the obvious but to no avail. The remote machine is running SBS 2003 and my client machine is XP Home, although the PPP adaptor under ipconfig/all shows the remote servers ip address I can’t ping it.

Thanks in advance
0
Comment
Question by:trojan_uk
  • 7
  • 4
  • 2
13 Comments
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16807556
Assuming the connection is established;
1) make sure any software firewalls on the PC/server to which you are connecting are disabled, even if just for testing, you can configure latter
2) the remote and local subnets should be different. If the office uses 192.168.1.x then home should use something else like 192.168.2.x If this is a built in Windows VPN server and client this is not always necessary but recommended
0
 
LVL 3

Expert Comment

by:rickyclourenco
ID: 16807597
is the IP information which you receive from the VPN correct, in terms of IP/Subnet/Gateway?

what is your local LAN numbering verses the VPN LAN numbering?  for ex: is the work one 10.10.x.x and home is 192.168.x.x?

what VPN device are you connecting to?

on the Netgear Router at your house, did you check out the config on there?  make sure that you are allowing VPN Passthrough
0
 

Author Comment

by:trojan_uk
ID: 16808064
Thanks for replies, as I said not a network bod so thought the best thing to was to upload a screen grab of the ipconfig. DNS Servers and Primary WINS server are the correct ip of the remote machine, maybe this will help.


http://www.whoba.co.uk/ipconfig.gif
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

 
LVL 78

Accepted Solution

by:
Rob Williams earned 1000 total points
ID: 16808281
It appears your local network is 192.168.0.x with the local router being 192.168.0.1 and the remote network is 192.168.0.x as well as indicated by the VPN adapter's 192.168.0.25 IP address. When the router receives a packet destined for the 192.168.0.x network it is confused as to whether to send it to the remote network or keep it within the local network and drops the packet. To resolve this issue (not guaranteeing there are not other issues as well) you need to change one network or the other to a different subnet such as 192.168.2.0   This has to be done on all devices within the local network. I assume the home network would be easier to adjust, and if you are using a router and all devices connected get their IP address automatically, as indicated by the screen shot, you will just have to change the router and re-boot the PC's. On the router go to the LAN configuration page and change the router's address from 192.168.0.1 to 192.168.2.1, re-boot the PC's and try again. You can run ipconfig to verify the changes have been made.
0
 
LVL 3

Expert Comment

by:rickyclourenco
ID: 16808288
Who is in charge of VPN management at your company?  

The problem is that the IP address you are given (192.168.0.25) is the same as your Gateway (192.168.0.25), the subnet mask is also odd, its 255.255.255.255, which is basically saying that only 1 IP address exists on this network, and its YOURS!  it should look more like 255.255.255.0 <-- the '0' implies that it can be ANY number, the 255 indicates that those numbers are static

This problem has to be solved first at the VPN server/device configuration at your company, then if it still does not work, you can try some of the first things I've stated...
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16808319
ps- if you wish to post the results of something like ipconfig in the future, you can output the results of any command by using  >C:\FolderName\FileName.txt  for example:
ipconfig   /all  >C:\Temp\IPConfig.txt
Then just copy and past the results. Might be easier for you. By the way if ever there is any private information such as you public/Internet IP address you should disguise it.
0
 
LVL 3

Expert Comment

by:rickyclourenco
ID: 16808359
If the IP you are given is the SAME as the Gateway, that is implying that YOUR computer is the GATEWAY....which is isn't...

the Gateway is the last place a packet is sent if it cannot find the IP address you are looking for on the local subnet.....

I also somewhat agree with RobWIll in the fact that you are using the same exact subnet as your company, which COULD cause a problem, but I'm not sure if thats absolutely true.....because if you goto your PPTP connection you created goto Properties --> Networking --> Internet Protocol --> Advanced --> and make sure that "Use Default Gateway on Remote Network" is CHECKED.....it SHOULD go to the default Gateway assigned by your VPN device......but for this case, it would probably be in your best interest to re-number your HOME LAN just to eliminate any problems.....
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16808360
rickyclourenco, as odd as it seems, with a software VPN client, the IP of the virtual VPN adapter and it's gateway are almost always the same, and it uses a subnet mask of 255.255.255.255, just the way they work. Indicates all VPN traffic should be forwarded through the virtual adapter/connection.
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16808397
rickyclourenco, agree it usually works with the "use default gateway" enabled, that is what I was implying above in "If this is a built in Windows VPN server and client this is not always necessary ". However, since that is enabled by default, and I am assuming it has not been "tinkered" with, I was assuming that was not the issue.
0
 
LVL 3

Expert Comment

by:rickyclourenco
ID: 16808406
I agree with you on that one too RobWill....you get my points any day!
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16808560
:-)  Thanks Ricky.  Just pointing out how these VPN clients are odd as to how they are set up.
--Rob
0
 

Author Comment

by:trojan_uk
ID: 16808981
Thanks guys for your comments,

Robwill you were spot on, I changed the routers ip as suggested and now have access to the remote machine. Thanks a lot for the quick response and help.

All the best
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16809164
Thanks trojan_uk, glad to hear it worked for you.

Just a note. If you have any control over the office, and if you have any mobile users, you may want to consider changing the office to a less common subnet to avoid problems down the road, with traveling personnel. The most common ones to avoid are:  192.168.0-2.0, 192.168.100.0, 10.0.0.0
--Rob
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question