Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Connection issues to multiple pptp VPN.

Posted on 2007-03-20
4
Medium Priority
?
560 Views
Last Modified: 2011-10-03
I have 4 sites that I connect via a pptp connection VPN. I had this working without issue for the past year. I then reinstalled my computer for other reasons and now that I have a fresh install of xp sp2 on my computer, I can still connect to the VPN's, but here is what is now happening.

When I connect to the main VPN (this is the one I use to get my outlook email as I am off-site) I can access all resources as I would expect. I then want to connect another site (totally unrelated to the first site) I am able to connect and access resources on that remote VPN. When I do that, I lose my connection in Outlook. I can still ping the mail server, which is again on the first VPN, but I can no longer connect. If I disconnect the second VPN, it instantly connects again. I also lose my connection to our DMZ at my current location, which is not apart of any of the VPN's. None of this happened before I reinstalled my connection. I could connect 2 separate pptp VPN's and have full access to all 3 sites with no interruption.

Any ideas what may have happened here? For whatever reason, it seems that the routing is being affected when I connect to a second pptp.
0
Comment
Question by:adembo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 77

Accepted Solution

by:
Rob Williams earned 2000 total points
ID: 18755732
Likely the default gateway option is set, which it is by default.
There is a security feature in the VPN client that blocks local connections, or connections to other networks, including local Internet access, to protect the remote office network. You can disable this if you wish. To do so on the client/connecting PC, go to:
control panel | network connections | right click on the VPN/Virtual adapter and choose properties | Networking | TCP/IP -properties | Advanced | General | un-check  "Use default gateway on remote network"

Keep in mind this is a security feature and disabling can allow total access to the remote network, from the local network
0
 
LVL 2

Author Comment

by:adembo
ID: 18755844
RobWill,

Very well said and exactly the fix I was looking for. Thanks also for the added comment on the fact this is a security feature. When you say allow "total access" to the remote network from the local network, I dont understand what you mean by that. I have my Watchguard firewall on the other side (which is what is authenticating me) which is where I have setup what a pptp connection can and cant get to. Does that sound like it may be a fix for what you were suggesting?

Thanks.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18755922
The "fix" should resolve your issue. Also where you reloaded the system it probably set it back to the default of enabled, which would explain why it stopped working.
As for security; what the feature does when enabled is effectively isolate the connecting/client PC from it's own local network, and allow only access to the remote network. Even Internet access is routed through the tunnel. This protects the remote site from any other would be attackers at your site, blocking them from gaining access to the remote corporate network. Disabling the remote gateway option allows for "normal" local network access, as well as access to the remote network, at the same time. This will also allow you to connect to the second VPN. You should disable the gateway option on it as well.

A good example of where it might be necessary, or recommended, to have it enabled is on a home network where Johnny is playing Internet games, on an other networked PC. You wouldn't want him or his gaming buddies to be able to sneak through your tunnel to the remote site.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18756350
Thanks adembo.
Cheers !
--Rob
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

660 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question