chcalabro
asked on
resolving websites when vpn connection
Hello All,
On our work network we have a number of public IP's. I have placed a Linksys BEFSX41 at one of the public addresses and the other one at home behind another linksys firewall.
I can sucessfully make the vpn tunnel and everything is working fine from the home side of the network. I have a voip phone that connects perfectly to the ipbx at work, can remote desktop etc perfectly. here is the problem... once the vpn tunnel is established on the work side of the network local devices can no longer resolve (some) websites. i can get to google.com etc but not other sites. https sites seem to work. what is strange is that it doesn't appear to be a dns issue because even if i go to the ip addresses of the websites they do not appear, can't ping, tracert etc. I have tried the mtu settings to no avail. if i disconnect the vpn then the problem dissapears.
i am really confused now.
any help greatly appreciated.
Regards, Charles
On our work network we have a number of public IP's. I have placed a Linksys BEFSX41 at one of the public addresses and the other one at home behind another linksys firewall.
I can sucessfully make the vpn tunnel and everything is working fine from the home side of the network. I have a voip phone that connects perfectly to the ipbx at work, can remote desktop etc perfectly. here is the problem... once the vpn tunnel is established on the work side of the network local devices can no longer resolve (some) websites. i can get to google.com etc but not other sites. https sites seem to work. what is strange is that it doesn't appear to be a dns issue because even if i go to the ip addresses of the websites they do not appear, can't ping, tracert etc. I have tried the mtu settings to no avail. if i disconnect the vpn then the problem dissapears.
i am really confused now.
any help greatly appreciated.
Regards, Charles
Hi chcalabro,
You have to configure split horizons feature for your VPN connections.
See if you VPN client has Split Horizons. Also its possible that your office VPN server will not allow you to use Split Horizons.
Cheers!
NITADMIN
You have to configure split horizons feature for your VPN connections.
See if you VPN client has Split Horizons. Also its possible that your office VPN server will not allow you to use Split Horizons.
Cheers!
NITADMIN
ASKER
Robwill they are not using the vpn client they are just accessing the internet via the router which is their gateway. once the home vpn router connects to the office vpn router and the tunnel is established then the pc's on the office side of the network fail to connect to the internet properly.
nitaadmin thanks i will check this although i have not heard of it before.
Thanks for posting!
charles
nitaadmin thanks i will check this although i have not heard of it before.
Thanks for posting!
charles
Sorry I misunderstood. So you are saying that at the main office these users loose access to some web sites when a home user connects via VPN. If so, check that the home user is using a different subnet than the office. For example if the office uses 192.168.1.x then the home site must use something else.If they are the same, it is possible there are some routing conflicts if RRAS is set upon the server.
ASKER
Hi RObwill, the subnet is the same 255.255.255.0 but the office is on a 192.168.1.x range and home is on a 192.168.72.x range does the subnet still need to be different.
Subnet = 192.168.1.x or 192.168.72.x
Subnet mask = 255.255.255.0
So you are fine. Subnets need to be different but subnet masks can be the same.
It was just a thought.
Subnet mask = 255.255.255.0
So you are fine. Subnets need to be different but subnet masks can be the same.
It was just a thought.
ASKER
again it is only when the tunnel is established that the connections on the 192.168.1.x range go nowhere, the 192.168.72.x machines are fine.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thanks ntjock, i am giving you the points due to the effort on the comment. i suspect you are correct and will go down that path.
control panel | network connections | right click on the VPN/Virtual adapter and choose properties | Networking | TCP/IP -properties | Advanced | General | un-check "Use default gateway on remote network"
You may currently be accessing some sites through the corporate network, and being blocked from others either by corporate restrictions or the corporate DNS configuration.