Solved

Is Double VPN connection with XP client, Win2003 VPN server possible?

Posted on 2006-07-10
8
467 Views
Last Modified: 2012-06-21
We have a commercial program that downloads licenses from a license server.  We want to use this program from home by connecting to our company VPN server, but the ip addresses the company hands out don't work because the program only responds to license requests from ip addresses on the same subnet.  Unfortunately we aren't able to 'play' with the company VPN server.  
However, we have a second VPN server that we do control running on Windows2003.  We can't connect to our Win2003 VPN from home unless already connected to the company VPN (due to perimeter firewall).  Therefore, I think the remote user will need to make 2 VPN connections, 1 to the company VPN and then 1 more connection to our Win2003 VPN.  The second connection depends on the first connection.  Is this even possible?  Also, how to insure with a Windows XP laptop that it sends all packets out the interface of the second VPN connection?  Do you need to do route print on XP to view and modify the routing table?

We tried the double VPN connection but the XP laptop still couldn't get a license.  I think the problem is probably that it's sending the license request out the first VPN connection's interface.  It also may be that you can't have a double VPN connection when 1 connection depends on the other(not sure if Windows is smart enough to handle this, or if its even possible)

Let me know if you need more info.
Thanks for the help!
0
Comment
Question by:ShannonE
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
8 Comments
 
LVL 4

Author Comment

by:ShannonE
ID: 17073343
It seems like for a double VPN connection, XP would have to create a packet using the ip address of the second connection, and encapsulate that packet in another packet using the ip address of the first VPN connection.  That's why I said I don't know if Windows is smart enough to do this
0
 
LVL 51

Expert Comment

by:Netman66
ID: 17073418
The primary VPN server can be adjusted to hand out addresses from a "pool" which can be configured as local addresses rather than a different subnet.

You'll need to make this point to the people managing the VPN server so they can accommodate you otherwise you may find this next to impossible.

0
 
LVL 4

Author Comment

by:ShannonE
ID: 17073639
Due to company policies(politics) touching the primary VPN is not an option.  However, for the primary VPN connection, instead of getting it from a 'pool', can you right-click the VPN connection->Properties->Networking tab->Internet Protocol(TCP/IP)->Properties and change it from DHCP mode to a static ip address on the same subnet as the license server, thereby eliminating the need for the second VPN connection?
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 51

Expert Comment

by:Netman66
ID: 17073980
You can try, but you would need to make an exclusion for the IPs you will use so it doesn't conflict with addresses that may be given out.

You'll have to test this.

0
 
LVL 4

Author Comment

by:ShannonE
ID: 17086206
I've got someone working from home tomorrow so we're going to try a few things.  Just wondering though why you say the double VPN setup is 'next to impossible'.  Do you know anyone who has tried it?
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
ID: 17086651
How do you intend to use VPN twice?  From the client to the first server then how would you VPN the second time?  This would very likely require split tunnelling even if you could manage it and that would be a routing nightmare.

0

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question