Solved

cant reach VPN client from server end using RRAS on Windows server 2003

Posted on 2007-03-21
6
209 Views
Last Modified: 2010-03-18
I have one server that is running RRAS I am using it as a VPN server. I have another server that is my dhcp server, dns server and domain controler. I have the vpn setup and when a VPN client is conected I can ping the client from the VPN server but i cannot ping the VPN client from the other servers or pc's on the network. I need to be able to do this. I no that on the dial up tab of the user there is an option to specify static routes. There is also a place to specify static routes in RRAS. Im not even sure if this is what I need to do but if it is how do I go about it? if it is not, how can I get the other pc's on the lan to be able to comunicate with the VPN Client.
0
Comment
Question by:dustinwk
  • 4
  • 2
6 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18769146
-First problem is; does the VPN client have a static address ? Though this is not necessary to ping, but in the long term if other machines/servers need to connect, they will need to do so.
If you want to assign a VPN client a static IP you can do so under the dial-in tab of the user's profile in Active Directory.
-Are your VPN clients assigned an IP in a different subnet than the local network for the servers? if so you ether need to change the Static address pool in RRAS to be the same subnet, or add a route to the servers, to locate the VPN client, which is why you need the static address above. As an example, assume the server network uses 192.168.100.x, the RRAS server's IP is 192.168.100.254, and the VPN clients use 192.168.200.x then add to the other servers:
route  -p  add 192.168.200.0  mask  255.255.255.0  192.168.100.254
to remove the route
route delete 192.168.200.0
0
 

Author Comment

by:dustinwk
ID: 18769162
hey rob, this is somewhat the same issue ive been having I have not been able to get an answer but I have gone through several things and thus the new post.

Yes I have set up the clients dial-up tab to include a stattic address and yes they are on the same subnet. again I have no problem comunicating with the client from the VPN server. I have all the ports open up on the clent side firewalls and such. But the other pc's on the network do not see the static address assigned by RRAS as valid is there away to make them see it or route it for such.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18779723
Hi dustinwk. Sorry I missed you reply here somehow. Also didn't notice earlier that we have been working on this same issue before. To bad there have been no other replies for additional input. Glad to stay on it though.

We have been through most of options I am familiar with, but I am very interested in some of the issues you are dealing with. Tonight or in the morning I will try to simulate this, and the DHCP relay configurations, on some virtual machines and get back to you. I was able to do something similar to what you are doing here by adding a route on the client and on the server, but it was not exactly the same situation, so I'll test further and report back.
0
Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 18805393
dustinwk, played with this a bit and re-reading we need to add some routes but I need to confirm the configuration.
Do both the RRAS server and the other (DNS, DHCP etc) have a single network card, or do either have 2.
What are all the subnets for server's, client PC's and, VPN clients. If all the same still need a route, but let me know.
If they are all the same subnet, and a single network adapter, best to put the route on the router. What make and model is that (at the server site)
0
 

Author Comment

by:dustinwk
ID: 18920398
thanks for the help rob but i gave up on this one
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18922123
OK. Thanks dustinwk.
Cheers !
--Rob
0

Featured Post

Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Independent domain networks for setup 6 110
Unknown AD user under VMWare OU 4 53
MPIO and Link Aggregation (LACP) difference for iSCSI Network ? 12 118
Can’t delete a file 14 141
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now