Solved

VPN connection through ISA

Posted on 2009-07-15
12
466 Views
Last Modified: 2012-06-27
I configured ISA in my Office LAN to receive VPN connection and assign IP to VPN clients automatically using my DHCP server. I can open a VPN connection and be connected fromn home to Office now and I am assigned an IP addres, but my problem is that I am not able to browse any of the servers on my Office LAN.
I did ipconfig /all and I fpund that the Subnet Mask is 255.255.255.255 and the gateway is the same IP that assigned to my VPN connection.
Any hints on ow to be able to navigate into my Office LAN?
0
Comment
Question by:first_MCITP
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 6
12 Comments
 
LVL 23

Expert Comment

by:rhandels
ID: 24857136
Did you make sure your routing is in place?? Your VPN clients should receive a good ip address, good DNS server and off course a good default gateway. Also, all computers on your network (or at least the one you would like to connect to) need to have a default gateway for the ip address (or range) your VPN client has. It could be you used a range for your BVPN clients that are not routable thorugh your network..
0
 
LVL 1

Author Comment

by:first_MCITP
ID: 24857209
you are right, this should happen but i don't know why VPN users are not getting the same GW as the local PC. Knowing that both are getting IP from the same DHCP server
0
 
LVL 23

Expert Comment

by:rhandels
ID: 24857235
Are you sure that your DHCP server is handing out ip addresses to the machines?? If you are using ISA there is a possibility that your ISA server is handing out the ip addresses in stead off your DHCP server itself..
0
SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

 
LVL 1

Author Comment

by:first_MCITP
ID: 24857281
How to check it?
0
 
LVL 23

Expert Comment

by:rhandels
ID: 24857292
Do an ipcondig on your VPN machine (and preferably a route print) and check if that ip address is in your DHCP range.
Also, change the ip addresses you set up on your ISA server  for the VPN client to be a class that is outside of your DHCP servers scope.. If they are both in the same scope you can never determen what DHCP server is passing out the ip addresses..
0
 
LVL 1

Author Comment

by:first_MCITP
ID: 24857304
The DHCP IP range is x.x.x.1 till x.x.x.200 and my isa ip is .254. the IP assigned to the VPN client is x.x.x.119 which is included in DHCP
What do you think?
0
 
LVL 23

Expert Comment

by:rhandels
ID: 24857439
If you look at your ISA server and it's RRAS properties (you are using RRAS for VPN connections right??) check and see if there are any option there if it is giving out ip addresses... If your local clients do have a default gateway and your VPN clients don't i guess they are receiving their ip address from a diferent source..
0
 
LVL 1

Author Comment

by:first_MCITP
ID: 24857782
no it's not the case, both users and ISA have the same G.W internally and the ISA has a different G.W on the External NIC
0
 
LVL 23

Expert Comment

by:rhandels
ID: 24857820
Sorry, but i believe we are talking about something else.. I mean the configuration of your VPN clients.. The default gateway of your internal servers will be ok, else you would have way more problems than only the VPN clients unable to access the network..

So what you need to find out is if RRAS or your internal DHCP server is handing out ip addresses to the VPN clients. Also, you should check and see if the ip addresses your VPN clients are receiving are being routed ok..
0
 
LVL 1

Author Comment

by:first_MCITP
ID: 24901373
I configured the DHCP relay Agent on RRAS, the same as it was configured before but it still the same problem
0
 
LVL 23

Expert Comment

by:rhandels
ID: 24902171
Could you please do an ipconfig /all on the VPN clients and post it?? Because in my opinion your VPN clients don't have defasult gateways, or at least have an issue with going externally.. Could you also try to do a tracert to an extrenal site like google when loggenm in with VPN? (so all this needs to be done on the client itself, not the server).
0
 
LVL 1

Accepted Solution

by:
first_MCITP earned 0 total points
ID: 24949844
I solved it Guys;
Whenever you connect to a vpn the same will happen, so the mask will be 255.255.255.255, the IP and the gateway will be the same. Once I created a rule in ISA allowing VPN users to access internal network, it was done and solved.
Now I can access my LAN
0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
Let’s list some of the technologies that enable smooth teleworking. 
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question