Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

cant reach VPN client from server end using RRAS on Windows server 2003

Posted on 2007-03-21
6
Medium Priority
?
241 Views
Last Modified: 2010-03-18
I have one server that is running RRAS I am using it as a VPN server. I have another server that is my dhcp server, dns server and domain controler. I have the vpn setup and when a VPN client is conected I can ping the client from the VPN server but i cannot ping the VPN client from the other servers or pc's on the network. I need to be able to do this. I no that on the dial up tab of the user there is an option to specify static routes. There is also a place to specify static routes in RRAS. Im not even sure if this is what I need to do but if it is how do I go about it? if it is not, how can I get the other pc's on the lan to be able to comunicate with the VPN Client.
0
Comment
Question by:dustinwk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18769146
-First problem is; does the VPN client have a static address ? Though this is not necessary to ping, but in the long term if other machines/servers need to connect, they will need to do so.
If you want to assign a VPN client a static IP you can do so under the dial-in tab of the user's profile in Active Directory.
-Are your VPN clients assigned an IP in a different subnet than the local network for the servers? if so you ether need to change the Static address pool in RRAS to be the same subnet, or add a route to the servers, to locate the VPN client, which is why you need the static address above. As an example, assume the server network uses 192.168.100.x, the RRAS server's IP is 192.168.100.254, and the VPN clients use 192.168.200.x then add to the other servers:
route  -p  add 192.168.200.0  mask  255.255.255.0  192.168.100.254
to remove the route
route delete 192.168.200.0
0
 

Author Comment

by:dustinwk
ID: 18769162
hey rob, this is somewhat the same issue ive been having I have not been able to get an answer but I have gone through several things and thus the new post.

Yes I have set up the clients dial-up tab to include a stattic address and yes they are on the same subnet. again I have no problem comunicating with the client from the VPN server. I have all the ports open up on the clent side firewalls and such. But the other pc's on the network do not see the static address assigned by RRAS as valid is there away to make them see it or route it for such.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18779723
Hi dustinwk. Sorry I missed you reply here somehow. Also didn't notice earlier that we have been working on this same issue before. To bad there have been no other replies for additional input. Glad to stay on it though.

We have been through most of options I am familiar with, but I am very interested in some of the issues you are dealing with. Tonight or in the morning I will try to simulate this, and the DHCP relay configurations, on some virtual machines and get back to you. I was able to do something similar to what you are doing here by adding a route on the client and on the server, but it was not exactly the same situation, so I'll test further and report back.
0
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

 
LVL 77

Accepted Solution

by:
Rob Williams earned 1500 total points
ID: 18805393
dustinwk, played with this a bit and re-reading we need to add some routes but I need to confirm the configuration.
Do both the RRAS server and the other (DNS, DHCP etc) have a single network card, or do either have 2.
What are all the subnets for server's, client PC's and, VPN clients. If all the same still need a route, but let me know.
If they are all the same subnet, and a single network adapter, best to put the route on the router. What make and model is that (at the server site)
0
 

Author Comment

by:dustinwk
ID: 18920398
thanks for the help rob but i gave up on this one
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18922123
OK. Thanks dustinwk.
Cheers !
--Rob
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Issue: One Windows 2008 R2 64bit server on the network unable to connect to a buffalo Device (Linkstation) with firmware version 1.56. There are a total of four servers on the network this being one of them. Troubleshooting Steps: Connect via h…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question