Solved

Pinging to Server when connected thro VPN

Posted on 2009-04-12
10
1,140 Views
Last Modified: 2013-12-05
I have configured win2000 Server (SP4) as VPN server. (XX.XX.XX.200)  When i am not in the office i connect to the server thro Winxp vpn client thro PPTP. Offlate i having this problem. I am able to connect to the vpn server smoothly (XX.XX.XX.200). i can also ping to this machine. But i am not able to ping any other server in my lan.
i,e to other servers like mail server (xx.xx.xx.51) and DB server (XX.XX.XX. 2) Hence i am not able to connect
to these servers when i am not in the office.

Is there any specific reason for this? or do i need to change any settings in my vpn server(XX.XX.Xx.200)

I request an early help in this regard
0
Comment
Question by:venkataramanaiahsr
  • 6
  • 4
10 Comments
 
LVL 3

Expert Comment

by:cubeeq
ID: 24128857
The server must be configured as router as well.
0
 

Author Comment

by:venkataramanaiahsr
ID: 24135052
When i configure it as vpn server (routing and remote access) , will it not be configured as router as well?
or do i need to configure it separately. if so how to do it . can you pls elobarate on this


0
 
LVL 3

Expert Comment

by:cubeeq
ID: 24136802
hi this is the output of route print on server after the client has connected and acquired address 10.0.0.125:

dest            mask                           gw                   interface       metrics
10.0.0.120  255.255.255.255        127.0.0.1         127.0.0.1     50
10.0.0.125  255.255.255.255        10.0.0.120       10.0.0.120   1

It is win2k3 SBS server where the .120 host is the RAS server component. The server itself has 10.0.0.99 and you are right - it is NOT the router, only RAS. However in configuration of <server> in RAS msc there is IP routing enabled. The client has Default gateway of remote network enabled, which is the default - settings in properties of TCP/IP of VPN network connection.

0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 

Author Comment

by:venkataramanaiahsr
ID: 24139607
can u explain in little bit detail about this settings. i am furnishing some more information. when i connect thro vpn to my office lan here are the vpn connection settings

PPP adapter

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
        Physical Address. . . . . . . . . : 00-53-45-00-00-00
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 128.128.XX.B
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : 128.128.XX.A
                                                     125.22.47.125



      128.128.XX.A  is the ip address of my vpn server. 128.128.XX.B  is ip address receviced by my laptop when connected to vpn server.  i am able to ping to 128.128.XX.A without any issues.  but when i try to ping to other ipaddress in the office lan , request time out comes.

I have noticed additional  points here.

1.  when i connect thro vpn , the subnet mask received is 255.255.255.255 where as the all the systems in my   office   lan  are in the subnet mask 255.255.255.0.
2. and default gateway is blank

is it because of this reason. but then it is pinging to vpn server.  The logic is sightly going above my head.
can u pls explain the reasons for points 1 & 2. This might throw some light towards finding solution

I have unchecked the Default gateway of remote network in vpn connection settings



0
 

Author Comment

by:venkataramanaiahsr
ID: 24139617
Vpn server is win2000 Server with SP4 (Advanced Server Enterprise editon)
0
 
LVL 3

Expert Comment

by:cubeeq
ID: 24143532
beware 128... is public ip, you should not use it.

if you get the full mask, it means that your computer is "alone" and does not belong to any network. you can try following tips:

1. add route to "128..."/24 network: route add 128.128.XX.0 mask 255.255.255.0 128.128.XX.A
2. use tracert -d 128.128.XX.B on some computer in your lan to see what hops are used - if you don't see 128.128.XX.A - you don't have routing to your client - then you can add route to server - you can route to just one host: route add 128.128.XX.B mask 255.255.255.255 128.128.XX.A

But in ideal case you should have intranet space addresses - 192.168.X.X, 10.X.X.X (not mentioning 172.16.) and on your server there should be DHCP for LAN for lets say your 100 computers, then DHCP scope for RAS (15 addresses) and the server should have two addresses - one physical ip and one "logical" RAS ip. the physical would lie in first scope and the logical in second.

0
 

Author Comment

by:venkataramanaiahsr
ID: 24145705
if you get the full mask, it means that your computer is "alone" and does not belong to any network.

What does it mean?  i am able to connect to my office lan thro vpn  (dialup internet) when i am out of office    

and i am getting the internal ip configured for office lan. i am able to ping to vpn server in the office lan

It is only i cannot ping to other servers

0
 

Author Comment

by:venkataramanaiahsr
ID: 24155238
I have changed the vpn server from win2000 to win2003.  there ip routing option is checked which i suppose means it also acts as router along with RAS server. Now when i connect to RAS server thro VPN and try to ping
to other server 128.128.XX.C following is the output.

can you pls suggest is there anything i am missing by the following output


C:\Documents and Settings\venkat>ping 128.128.XX.C /t

Pinging 128.128.XX.C with 32 bytes of data:

Reply from 128.128.XX.C : bytes=32 time=371ms TTL=127
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Reply from 128.128.XX.C : bytes=32 time=426ms TTL=127
Reply from 128.128.XX.C : bytes=32 time=424ms TTL=127
Request timed out.
Request timed out.
Request timed out.
Reply from 128.128.XX.C : bytes=32 time=908ms TTL=127
Reply from 128.128.XX.C : bytes=32 time=663ms TTL=127
Request timed out.
Request timed out.
Request timed out.
Reply from 128.128.XX.C : bytes=32 time=483ms TTL=127
Reply from 128.128.XX.C : bytes=32 time=427ms TTL=127
Request timed out.

Ping statistics for 128.128.XX.C :
    Packets: Sent = 25, Received = 7, Lost = 18 (72% loss),
Approximate round trip times in milli-seconds:
    Minimum = 371ms, Maximum = 908ms, Average = 528ms
0
 
LVL 3

Accepted Solution

by:
cubeeq earned 500 total points
ID: 24156060
well, it seems like very bad connection. disconnect the vpn and ping the external ip in the same way. you will see if the problem is more likely in your intranet or at your provider
0
 

Author Comment

by:venkataramanaiahsr
ID: 24164828
Pls find enclosed below the ping stat when connected from my laptop outside the office to office lan thro vpn


Ping stat for vpn server

ping 128.128.XX.A         - VPN Server in my office LAN

Pinging 128.128..XX.A with 32 bytes of data:

Reply from 128.128.XX.A: bytes=32 time=625ms TTL=128
Reply from 128.128.XX.A: bytes=32 time=418ms TTL=128
Reply from 128.128.XX.A: bytes=32 time=438ms TTL=128
Reply from 128.128.XX.A: bytes=32 time=418ms TTL=128

Ping statistics for 128.128.XX.A:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 418ms, Maximum = 625ms, Average = 474ms

2. Ping stat to google

ping google.com

Pinging google.com [209.85.171.100] with 32 bytes of data:

Reply from 209.85.171.100: bytes=32 time=555ms TTL=236
Reply from 209.85.171.100: bytes=32 time=550ms TTL=236
Reply from 209.85.171.100: bytes=32 time=748ms TTL=236
Reply from 209.85.171.100: bytes=32 time=548ms TTL=236

Ping statistics for 209.85.171.100:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 548ms, Maximum = 748ms, Average = 600ms


This shows the internet connection is ok (net is connected thro datacard max 15KBPS bandwidth).
 
Since it is pinging to vpn server without any problem i feel even the vpn part is ok.  As suggested by you earlier
the vpn server may not be routing the requests to other systmes properly  though i have checked the router option in RAS. Is there anything else i can do (like say manually configure the static routes to other servers in the lan in RAS console).  Pls advise.  I need to find a solution for this as i need to configure this setup at my md's laptop.
 
  Is there any alternate easy solution  for the above requirement.




 


 

0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
Let’s list some of the technologies that enable smooth teleworking. 
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question