Solved

I can NOT connect to another server when connected to my VPN

Posted on 2006-06-13
12
239 Views
Last Modified: 2010-04-18
I am trying to connect to a remote application on another server when I get connected to the corporate VPN. This VPN server is connected on the DMZ of the remote network.

****This server does NOT attach to our domain.  It is just physically connected to our network******

I can connect to the VPN successfully.  When I try to open the appliaction which points to the other server on this network it won't connect.

Once connected to the VPN, if I do an ipconfig /all, I see that I receive an IP Address that is on the remote network.  But the default gateway is MY IP Address.

I can ping the VPN server I have just connect to but I can NOT ping the other server I want to use. Both IPs are on the same subnet ( example: 192.168.1.5 and 192.168.1.6)

This has worked previously but now it is not working.

There are two network cards on the VPN server and both seems to be working OK.  On NIC has a static IP that is mapped to a public IP that I use  when connecting to the VPN.  The other NIC has a DHCP assigned IP that is on the local network.

Where should I start troubleshooting?
0
Comment
Question by:yeller
  • 3
  • 3
  • 2
  • +2
12 Comments
 
LVL 11

Expert Comment

by:M3rc74
ID: 16895359
VPN = PPTP or IPsec,

"When I try to open the appliaction which points to the other server on this network it won't connect" ;check gateway on server
0
 
LVL 51

Expert Comment

by:Netman66
ID: 16896114
If the VPN server is on the DMZ, then do you have the proper ports open on the router/firewall to be able to reach the inside network?  

Normally, you setup the router to allow VPN traffic only from specified hosts then make the endpoint on the server inside the LAN - this way you do not have a bunch of holes between the DMZ and the LAN.

0
 

Author Comment

by:yeller
ID: 16899013
From the client, when they try to connect they are set as "automatic".  They'll try PPTP the IPSEC, I believe.
The gateway for the whole network is the same. (192.168.1.1)

I'll have to check the router configuration tomorrow.  I'm not familiar with its settings.

I did make a test that worked.  I tried  a dialup connection to the Internet.  I was able to connect to the VPN and the other application on the 2nd server this way.

I think the problem is related to the IP Adress range because most home networks use the IP range of 192.168.1.1 - 192.168.1.255.  When I connect to the  work VPN I am also using that IP range.  So, when I try to access an address on my work network ( for example: 192.168.1.99) my PC thinks that address is local not remote. So it tries to find 192.168.1.99 locally.

If you think I am right, how do I get around this?
0
 
LVL 51

Assisted Solution

by:Netman66
Netman66 earned 250 total points
ID: 16899037
If your Dial-Up worked okay then the IP similarities would certainly cause this.  

Try re-addressing your network.  It's should be fairly simple.  Change it to 192.168.22.x - this should pretty much guarantee it's unique.

0
 
LVL 3

Expert Comment

by:taylorludwig
ID: 16900527
Yeller

about your comment that you think it is because they are on the same subnet, i am almost positive this is the problem.  I have had problems with this before as where it thinks one of the IP addresses is local instead of on the vpn.  One thing you can try is, if you are you using the VPN dialer from windows

Right click go to propoerties
then choose the networking tab
highlight "internet protocol tcp/ip" and then click properties
on the next window choose advanced.  
then make sure that "use default gateway on remote network is checked"

This should then push everything to the remote network first.  The only problem with that is it will push everything tcp/ip to that first that isnt local.  So for example if you are surfing the web it will go the remote network instead of your connection making it go extremely slow.

Your best bet would just be to change the subnet at your house to 192.168.2.X as then your computer would be able to distinguish between the two network and everything would work perfectly....This is what i ended up doing as it solved all my problems i was having.  
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:yeller
ID: 16904337
I am going to look into this/ experiment a bit and I'll get back to you.

FYI taylorludwig, the "use default gateway on remote network was checked".

Any other suggestions/ideas are always appreciated.
0
 
LVL 3

Accepted Solution

by:
taylorludwig earned 250 total points
ID: 16908473
I would suggest changing the subnet at your house to 192.168.2.x that way your computer would be able to distinguish between your network and the remote connections network and should solve a lot of problems.  

After you do this and connect to your vpn and are still not able to ping the 2nd servers ip then you need to make sure that those two computers are able to communicate.  Sometimes a VPN server will not allow you to access other resources on a network for security reasons.  So when yo connect to the VPN it might allow you to access the email server and the file server but it may be blocking access to the server that is running the program you need.

I assume something like that is set up sense you say:

"****This server does NOT attach to our domain.  It is just physically connected to our network******"
0
 
LVL 3

Expert Comment

by:taylorludwig
ID: 16908487
Also if you have access to get onto the VPN server itself, then try and ping the other server, if that doesnt work try and ping the default gateway's ip address.  That could tell you that the 2nd NIC that is connected to your lcoal network is working properly.  Perhpas that server isnt connected to the local network at all.  That would explain why you can connect to the vpn (sense it has its own external ip address and NIC) but not allow it to access any local resources.  
0
 

Author Comment

by:yeller
ID: 17155816
Soory for the EXTREME delay!!
Too much work and then vacation.
Netman66 and taylorludwig had the  answer.

The Interna; netwrok and remote network both used the same private IP Address networks (192.168.1.x).  So when data was sent to the VPN the PV thought it was local traffic.

As soon as we made a test and changed on of the networks IP address, it worked!
0
 
LVL 9

Expert Comment

by:vsg375
ID: 17157853
Hi !

Thanks for your feedback. No problem about vacation, I DEFINITELY need one too, and it's next week ;o)

Please assign the points accordingly.

Cheers
0
 
LVL 9

Expert Comment

by:vsg375
ID: 17157861
Oh my... I DEFINITELY shouldn't work after midnite :o)

Cheers and sorry
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Join & Write a Comment

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now