Solved

Connection issues to multiple pptp VPN.

Posted on 2007-03-20
4
510 Views
Last Modified: 2011-10-03
I have 4 sites that I connect via a pptp connection VPN. I had this working without issue for the past year. I then reinstalled my computer for other reasons and now that I have a fresh install of xp sp2 on my computer, I can still connect to the VPN's, but here is what is now happening.

When I connect to the main VPN (this is the one I use to get my outlook email as I am off-site) I can access all resources as I would expect. I then want to connect another site (totally unrelated to the first site) I am able to connect and access resources on that remote VPN. When I do that, I lose my connection in Outlook. I can still ping the mail server, which is again on the first VPN, but I can no longer connect. If I disconnect the second VPN, it instantly connects again. I also lose my connection to our DMZ at my current location, which is not apart of any of the VPN's. None of this happened before I reinstalled my connection. I could connect 2 separate pptp VPN's and have full access to all 3 sites with no interruption.

Any ideas what may have happened here? For whatever reason, it seems that the routing is being affected when I connect to a second pptp.
0
Comment
Question by:adembo
  • 3
4 Comments
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 18755732
Likely the default gateway option is set, which it is by default.
There is a security feature in the VPN client that blocks local connections, or connections to other networks, including local Internet access, to protect the remote office network. You can disable this if you wish. To do so on the client/connecting PC, go to:
control panel | network connections | right click on the VPN/Virtual adapter and choose properties | Networking | TCP/IP -properties | Advanced | General | un-check  "Use default gateway on remote network"

Keep in mind this is a security feature and disabling can allow total access to the remote network, from the local network
0
 
LVL 2

Author Comment

by:adembo
ID: 18755844
RobWill,

Very well said and exactly the fix I was looking for. Thanks also for the added comment on the fact this is a security feature. When you say allow "total access" to the remote network from the local network, I dont understand what you mean by that. I have my Watchguard firewall on the other side (which is what is authenticating me) which is where I have setup what a pptp connection can and cant get to. Does that sound like it may be a fix for what you were suggesting?

Thanks.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18755922
The "fix" should resolve your issue. Also where you reloaded the system it probably set it back to the default of enabled, which would explain why it stopped working.
As for security; what the feature does when enabled is effectively isolate the connecting/client PC from it's own local network, and allow only access to the remote network. Even Internet access is routed through the tunnel. This protects the remote site from any other would be attackers at your site, blocking them from gaining access to the remote corporate network. Disabling the remote gateway option allows for "normal" local network access, as well as access to the remote network, at the same time. This will also allow you to connect to the second VPN. You should disable the gateway option on it as well.

A good example of where it might be necessary, or recommended, to have it enabled is on a home network where Johnny is playing Internet games, on an other networked PC. You wouldn't want him or his gaming buddies to be able to sneak through your tunnel to the remote site.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18756350
Thanks adembo.
Cheers !
--Rob
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup". After a while, you have entered a loop for Auto repair which does not fix anything and you will be in a  panic as all your work w…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now