Solved

VPN computercannot ping devices on remote VPN network using server 2000 and XP client

Posted on 2006-07-09
7
376 Views
Last Modified: 2010-03-19
I have RRAS on a windows 2000 server.
I can create a VPN from home using XP machine.
When VPN is established I can ping the remote VPN server but I can't ping any other devices on the remote network.
I feel this is a routing issue.
The remote client gets an
ip address of 192.168.0.200
DHCp enabled no
default gateway of 192.168.0.200
DNS Servers 192.168.0.5
WINS 192.168.0.5
Subnet mask of 255.255.255.255

I can tracert to the vpn server 192.168.0.4
and i get  an answer on the first hop.

when I tracert to another server i.e 192.168.0.5
I get  1 251 ms  549ms 294 ms 192.168.0.199
         2 * * * request timed out as all other hops are.
on the VPN server ip config returns the PPP adapter RAS Server (Dial in)interface: details as
IP address 192.168.0.199
Subnet mask of 255.255.255.255
Default gateway :
DNS Servers:

As mentioned earlier i feel that I need to allocate a correct mask and gateway in the RRAS interface.

Any way with any ideas. I may be looking entirely in the wrong area.
0
Comment
Question by:CSSROSS
  • 3
  • 3
7 Comments
 

Author Comment

by:CSSROSS
ID: 17070736
After further investigation I can ping the remote network
if I select this server can assign host configuration protocol(DHCP) in the IP tab of the server properties within RRAS
then all works great.

I now would like to assign static address pool which allocates default gateway etc.
Any takers

Thanks
0
 
LVL 6

Expert Comment

by:kaerez
ID: 17070940
There is alot of missing information however you need to have in certain
configurations of VPN an IP address in order to access the internal
network.

As I understand from the latest post you are now able to do this
I do not recommend setting static ips on each pc but rather
assigning static ips via the VPN/DHCP server per pc that
must use a certain IP every time.
0
 

Author Comment

by:CSSROSS
ID: 17071025
Kaerez

I would like to set the static pool within the RRAS configuration instead of allowing the DHCP IP pool to assign the remote vpn client.
I know how to create the static ip pool for the remote VP{Nclients but I do not know how to assign the default gateway.
0
Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

 
LVL 6

Accepted Solution

by:
kaerez earned 500 total points
ID: 17071031
Once you use DHCP on the clients they will receive the gateway with the IP address.
0
 
LVL 10

Expert Comment

by:bbrunning
ID: 17071143
Like kaerez said it's all auto once they get the dhcp address....if you aren't getting a reply just from a ping it probably because of software firewalls. Win2k3 server auto-sets a policy to turn on all windows firewalls on a domain and I'd imagine the latest update for win2k server does the same for machines on the network.

Is it really a problem not to get a ping reply on your network? You don't want anyone just to be able to see machines on your network by sending out requests to IPs. It's a normal GPO to block ping requests.

If you cannot connect to shares or run remote installations (from the server) that may be a problem but not getting a ping reply is completely normal.
0
 

Author Comment

by:CSSROSS
ID: 17071590
Kaerez

I will accept your answer. You are correct in what you are saying with DHCP as this is the fix I used in my second post. I was more interested in how I can use the alternate option of creating my own VPN address pool and indicate a gateway rather than use the networks DHCP server.

BBrunning I wanted to ping as I couldn't communicate with any devices on the network. I was not getting a default gateway so no requests were leaving the VPN server. Using the network DHCP option does work however I would have prefered to use the static IP pool option (Maybe this option can only be used for VPN point to point tunnels ?) Thanks for your input though.
0
 
LVL 6

Expert Comment

by:kaerez
ID: 17071596
The default gateway must be the VPN server beause this is where all the packets
need to go to in order to get decrypted.
You can however add routing rules on the VPN server.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

827 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question