VPN Help! I lose connectivity when i connect to VPN

Hey all, i guess it's all in the title. I set up a VPN in windows 2003 and now i'm trying to connect to it from my XP machine. It seems to connect fine, but when i try to go online, i don't have any connectivity. I can't share files i can't do anything. Can someone please help me resolve this!

Thanx all in advance!
er
LVL 3
engineroomAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rob WilliamsCommented:
Do you mean you cannot connect to existing local resources and Internet? If so, there is a security feature in the VPN client that blocks local connections, including local Internet access, to protect the office/remote network. You can disable this if you wish. To do so on the client/connecting PC, go to:
control panel | network connections | right click on the VPN/Virtual adapter and choose properties | Networking | TCP/IP -properties | Advanced | General | un-check  "Use default gateway on remote network"

Or, can you not connect to remote resources. If so make sure the local LAN uses a different subnet than the remote, and try connecting using the IP such as:
\\192.168.123.123\ShareName
0
engineroomAuthor Commented:
Hey! Thanks for getting back to me. I never was even notified that there was a response to this. I'm definitely gonna try this out. The problem is that when i'm connected to the VPN and open up Firefox, i get a can't connect. Let me try this stuff out. i'll get back to you.
0
Rob WilliamsCommented:
Let us know how you make out.
0
Webinar: Miercom Evaluates Wi-Fi Security

It's not just about Wi-Fi connectivity anymore. A wireless security breach can cost your business large amounts of time, trouble, and expense. Plus, hear first-hand from Miercom how WatchGuard's Wi-Fi security stacks up against the competition in our upcoming webinar!

ZibingsCommented:
I confirmed that Rob Will's response fixed the exact issue for me. now i have to figure out why i cannot get to the VPN server to connect to shares.....
0
Rob WilliamsCommented:
-I assume then the VPN connects?
-Can you connect using the IP rather than the NetBIOS name, such as \\192.168.123.123\ShareName ?
-If not, are the subnets at both sites different? If the server and client site both use the same subnet such as 192.168.1.x then you will be able to connect but not access any resources.
0
ZibingsCommented:
yeah they are different subnets, i figured it out though.  My router was my DHCP server at the time and i never specified the new server in the DNS assignments.

DUH, haha
0
engineroomAuthor Commented:
Hey guys, sorry i took so long but i finally got to try this. I did what you told me to do and i can connect to the internet now, but unfortunately i can't connect to a shared folder. The VPN says it's connected, but when i go \\ipaddress\share i get a can't connect error. I even tried \\machineName\share and that didn't work. What gives? Thanks guys!!!!!

er
0
Rob WilliamsCommented:
I assume from the LAN of the VPN server you have verified the share works?
If there is a software firewall on the machine to which you are connecting, by default it allows access to file and print services from the local subnet, but not the remote subnet. If that is the case you need to edit the firewall scope options, or at least as a test disable any software firewalls.
0
engineroomAuthor Commented:
Thanks for responding rob. I know for a fact the share is active because i was using it this morning on a different IP. I switched to a new IP and now it doesn't work. It can't be the remote thing cause it was working this morning right?
0
Rob WilliamsCommented:
You are saying using the VPN from another location you were able to connect to the share?

What is the exact error when you cannot connect from this location? If there is an error # such as 721, or 691, please advise as well.


0
engineroomAuthor Commented:
No, i was in the same location. here's the deal, we are with lightpath and i was behind their router with one of their IP addresses. The machine i was trying to connect to is currently behind lightpath. This morning i went behind a Cablevision router. I'm trying to VPN into the lightpath network. Makes sense? I checked for the anti-virus/ firewall and we currently have none.
0
Rob WilliamsCommented:
"Makes sense?"  I think so :)
First connection:
RRAS <= LightPath service <=> Internet <=> LightPath service => client
First connection:
RRAS <= LightPath service <=> Internet <=> CableVission service => client

What is the exact error when you cannot connect from this location? If there is an error # such as 721, or 691, please advise as well.

At the client end where it doesn't work, might there be two devices providing NAT (router) services, such as a router and a modem that is a combined router and modem?

0
engineroomAuthor Commented:
No error codes at all. Just a bad address error. Just as if you were to try to connect to my network via ip address. Everything right now is on a real IP. no devices translating or anything like that.
0
Rob WilliamsCommented:
There must be an error of some sort. Could you post it exactly?
When connecting to the share you should be using the private LAN address not the Public IP, such as:
\\192.168.123.123\ShareName

0
engineroomAuthor Commented:
There is no error#. I'm simply typing the path in an address bar in explorer. Also i am not using the LAN address as there is none. Both machines are on public IP's. here's the result of me putting the info in the address bar.

[Address Bar]
Windows cannot find '\\ipaddress\share'. Check the spelling and try again, or try searching for the item by clicking on the Start button and then clicking search.
0
Rob WilliamsCommented:
If the server has only the one IP and that is the public IP then that error would tend to indicate a firewall may be blocking access, or file and print sharing services have not been enabled.
0
engineroomAuthor Commented:
That particular server does not have a firewall. I also checked file and print sharing and it is all allowed. Don't know why this isn't working!?
0
Rob WilliamsCommented:
Odd, I can't think of any other causes at this point.
One word of caution though, you could be at serious risk with a server on the Internet with a public IP and no firewall.
0
engineroomAuthor Commented:
Thanks. I appreciate your help. The machine will eventually get re-done and set behind a firewall. So how do i proceed?
0
Rob WilliamsCommented:
what are the public IP's of the light path connection? For security reasons best not to post here, but might they both be in the same subnet?
0
engineroomAuthor Commented:
They are not. Technically one is on the lightpath network,  the other is on the cablevision network. Completely different ip's and subnets...

LightPath: 255.255.255.240
CableVision: 255.255.255.248
0
Rob WilliamsCommented:
Those are the subnet masks, not subnets, but if they are on different networks it is likely not a problem.

For the record; the subnet, or correctly, the network ID is a function of the IP and the subnet mask. For example 123.123.123.123 with 255.255.255.0 has a network ID (often referred to as subnet) of 123.123.123.0, or 123.123.123.123 with 255.255.0.0 has a network ID of 123.123.0.0
It is a little more complicated when the subnet mask is other than 0 or 255, but the point is if multiple network segments have the same network ID proper routing cannot take place. More information listed here if interested:
http://www.subnetmask.info/
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.