Solved

Connection issues to multiple pptp VPN.

Posted on 2007-03-20
4
553 Views
Last Modified: 2011-10-03
I have 4 sites that I connect via a pptp connection VPN. I had this working without issue for the past year. I then reinstalled my computer for other reasons and now that I have a fresh install of xp sp2 on my computer, I can still connect to the VPN's, but here is what is now happening.

When I connect to the main VPN (this is the one I use to get my outlook email as I am off-site) I can access all resources as I would expect. I then want to connect another site (totally unrelated to the first site) I am able to connect and access resources on that remote VPN. When I do that, I lose my connection in Outlook. I can still ping the mail server, which is again on the first VPN, but I can no longer connect. If I disconnect the second VPN, it instantly connects again. I also lose my connection to our DMZ at my current location, which is not apart of any of the VPN's. None of this happened before I reinstalled my connection. I could connect 2 separate pptp VPN's and have full access to all 3 sites with no interruption.

Any ideas what may have happened here? For whatever reason, it seems that the routing is being affected when I connect to a second pptp.
0
Comment
Question by:adembo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 18755732
Likely the default gateway option is set, which it is by default.
There is a security feature in the VPN client that blocks local connections, or connections to other networks, including local Internet access, to protect the remote office network. You can disable this if you wish. To do so on the client/connecting PC, go to:
control panel | network connections | right click on the VPN/Virtual adapter and choose properties | Networking | TCP/IP -properties | Advanced | General | un-check  "Use default gateway on remote network"

Keep in mind this is a security feature and disabling can allow total access to the remote network, from the local network
0
 
LVL 2

Author Comment

by:adembo
ID: 18755844
RobWill,

Very well said and exactly the fix I was looking for. Thanks also for the added comment on the fact this is a security feature. When you say allow "total access" to the remote network from the local network, I dont understand what you mean by that. I have my Watchguard firewall on the other side (which is what is authenticating me) which is where I have setup what a pptp connection can and cant get to. Does that sound like it may be a fix for what you were suggesting?

Thanks.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18755922
The "fix" should resolve your issue. Also where you reloaded the system it probably set it back to the default of enabled, which would explain why it stopped working.
As for security; what the feature does when enabled is effectively isolate the connecting/client PC from it's own local network, and allow only access to the remote network. Even Internet access is routed through the tunnel. This protects the remote site from any other would be attackers at your site, blocking them from gaining access to the remote corporate network. Disabling the remote gateway option allows for "normal" local network access, as well as access to the remote network, at the same time. This will also allow you to connect to the second VPN. You should disable the gateway option on it as well.

A good example of where it might be necessary, or recommended, to have it enabled is on a home network where Johnny is playing Internet games, on an other networked PC. You wouldn't want him or his gaming buddies to be able to sneak through your tunnel to the remote site.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18756350
Thanks adembo.
Cheers !
--Rob
0

Featured Post

Want Experts Exchange at your fingertips?

With Experts Exchange’s latest app release, you can now experience our most recent features, updates, and the same community interface while on-the-go. Download our latest app release at the Android or Apple stores today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Make the most of your online learning experience.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses
Course of the Month5 days, 13 hours left to enroll

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question