Solved

VPN computercannot ping devices on remote VPN network using server 2000 and XP client

Posted on 2006-07-09
7
355 Views
Last Modified: 2010-03-19
I have RRAS on a windows 2000 server.
I can create a VPN from home using XP machine.
When VPN is established I can ping the remote VPN server but I can't ping any other devices on the remote network.
I feel this is a routing issue.
The remote client gets an
ip address of 192.168.0.200
DHCp enabled no
default gateway of 192.168.0.200
DNS Servers 192.168.0.5
WINS 192.168.0.5
Subnet mask of 255.255.255.255

I can tracert to the vpn server 192.168.0.4
and i get  an answer on the first hop.

when I tracert to another server i.e 192.168.0.5
I get  1 251 ms  549ms 294 ms 192.168.0.199
         2 * * * request timed out as all other hops are.
on the VPN server ip config returns the PPP adapter RAS Server (Dial in)interface: details as
IP address 192.168.0.199
Subnet mask of 255.255.255.255
Default gateway :
DNS Servers:

As mentioned earlier i feel that I need to allocate a correct mask and gateway in the RRAS interface.

Any way with any ideas. I may be looking entirely in the wrong area.
0
Comment
Question by:CSSROSS
  • 3
  • 3
7 Comments
 

Author Comment

by:CSSROSS
ID: 17070736
After further investigation I can ping the remote network
if I select this server can assign host configuration protocol(DHCP) in the IP tab of the server properties within RRAS
then all works great.

I now would like to assign static address pool which allocates default gateway etc.
Any takers

Thanks
0
 
LVL 6

Expert Comment

by:kaerez
ID: 17070940
There is alot of missing information however you need to have in certain
configurations of VPN an IP address in order to access the internal
network.

As I understand from the latest post you are now able to do this
I do not recommend setting static ips on each pc but rather
assigning static ips via the VPN/DHCP server per pc that
must use a certain IP every time.
0
 

Author Comment

by:CSSROSS
ID: 17071025
Kaerez

I would like to set the static pool within the RRAS configuration instead of allowing the DHCP IP pool to assign the remote vpn client.
I know how to create the static ip pool for the remote VP{Nclients but I do not know how to assign the default gateway.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 6

Accepted Solution

by:
kaerez earned 500 total points
ID: 17071031
Once you use DHCP on the clients they will receive the gateway with the IP address.
0
 
LVL 10

Expert Comment

by:bbrunning
ID: 17071143
Like kaerez said it's all auto once they get the dhcp address....if you aren't getting a reply just from a ping it probably because of software firewalls. Win2k3 server auto-sets a policy to turn on all windows firewalls on a domain and I'd imagine the latest update for win2k server does the same for machines on the network.

Is it really a problem not to get a ping reply on your network? You don't want anyone just to be able to see machines on your network by sending out requests to IPs. It's a normal GPO to block ping requests.

If you cannot connect to shares or run remote installations (from the server) that may be a problem but not getting a ping reply is completely normal.
0
 

Author Comment

by:CSSROSS
ID: 17071590
Kaerez

I will accept your answer. You are correct in what you are saying with DHCP as this is the fix I used in my second post. I was more interested in how I can use the alternate option of creating my own VPN address pool and indicate a gateway rather than use the networks DHCP server.

BBrunning I wanted to ping as I couldn't communicate with any devices on the network. I was not getting a default gateway so no requests were leaving the VPN server. Using the network DHCP option does work however I would have prefered to use the static IP pool option (Maybe this option can only be used for VPN point to point tunnels ?) Thanks for your input though.
0
 
LVL 6

Expert Comment

by:kaerez
ID: 17071596
The default gateway must be the VPN server beause this is where all the packets
need to go to in order to get decrypted.
You can however add routing rules on the VPN server.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now