[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

VPN computercannot ping devices on remote VPN network using server 2000 and XP client

Posted on 2006-07-09
7
Medium Priority
?
399 Views
Last Modified: 2010-03-19
I have RRAS on a windows 2000 server.
I can create a VPN from home using XP machine.
When VPN is established I can ping the remote VPN server but I can't ping any other devices on the remote network.
I feel this is a routing issue.
The remote client gets an
ip address of 192.168.0.200
DHCp enabled no
default gateway of 192.168.0.200
DNS Servers 192.168.0.5
WINS 192.168.0.5
Subnet mask of 255.255.255.255

I can tracert to the vpn server 192.168.0.4
and i get  an answer on the first hop.

when I tracert to another server i.e 192.168.0.5
I get  1 251 ms  549ms 294 ms 192.168.0.199
         2 * * * request timed out as all other hops are.
on the VPN server ip config returns the PPP adapter RAS Server (Dial in)interface: details as
IP address 192.168.0.199
Subnet mask of 255.255.255.255
Default gateway :
DNS Servers:

As mentioned earlier i feel that I need to allocate a correct mask and gateway in the RRAS interface.

Any way with any ideas. I may be looking entirely in the wrong area.
0
Comment
Question by:CSSROSS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 

Author Comment

by:CSSROSS
ID: 17070736
After further investigation I can ping the remote network
if I select this server can assign host configuration protocol(DHCP) in the IP tab of the server properties within RRAS
then all works great.

I now would like to assign static address pool which allocates default gateway etc.
Any takers

Thanks
0
 
LVL 6

Expert Comment

by:kaerez
ID: 17070940
There is alot of missing information however you need to have in certain
configurations of VPN an IP address in order to access the internal
network.

As I understand from the latest post you are now able to do this
I do not recommend setting static ips on each pc but rather
assigning static ips via the VPN/DHCP server per pc that
must use a certain IP every time.
0
 

Author Comment

by:CSSROSS
ID: 17071025
Kaerez

I would like to set the static pool within the RRAS configuration instead of allowing the DHCP IP pool to assign the remote vpn client.
I know how to create the static ip pool for the remote VP{Nclients but I do not know how to assign the default gateway.
0
Survive A High-Traffic Event with Percona

Your application or website rely on your database to deliver information about products and services to your customers. You can’t afford to have your database lose performance, lose availability or become unresponsive – even for just a few minutes.

 
LVL 6

Accepted Solution

by:
kaerez earned 2000 total points
ID: 17071031
Once you use DHCP on the clients they will receive the gateway with the IP address.
0
 
LVL 10

Expert Comment

by:bbrunning
ID: 17071143
Like kaerez said it's all auto once they get the dhcp address....if you aren't getting a reply just from a ping it probably because of software firewalls. Win2k3 server auto-sets a policy to turn on all windows firewalls on a domain and I'd imagine the latest update for win2k server does the same for machines on the network.

Is it really a problem not to get a ping reply on your network? You don't want anyone just to be able to see machines on your network by sending out requests to IPs. It's a normal GPO to block ping requests.

If you cannot connect to shares or run remote installations (from the server) that may be a problem but not getting a ping reply is completely normal.
0
 

Author Comment

by:CSSROSS
ID: 17071590
Kaerez

I will accept your answer. You are correct in what you are saying with DHCP as this is the fix I used in my second post. I was more interested in how I can use the alternate option of creating my own VPN address pool and indicate a gateway rather than use the networks DHCP server.

BBrunning I wanted to ping as I couldn't communicate with any devices on the network. I was not getting a default gateway so no requests were leaving the VPN server. Using the network DHCP option does work however I would have prefered to use the static IP pool option (Maybe this option can only be used for VPN point to point tunnels ?) Thanks for your input though.
0
 
LVL 6

Expert Comment

by:kaerez
ID: 17071596
The default gateway must be the VPN server beause this is where all the packets
need to go to in order to get decrypted.
You can however add routing rules on the VPN server.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question