Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 469
  • Last Modified:

VPN connection through ISA

I configured ISA in my Office LAN to receive VPN connection and assign IP to VPN clients automatically using my DHCP server. I can open a VPN connection and be connected fromn home to Office now and I am assigned an IP addres, but my problem is that I am not able to browse any of the servers on my Office LAN.
I did ipconfig /all and I fpund that the Subnet Mask is 255.255.255.255 and the gateway is the same IP that assigned to my VPN connection.
Any hints on ow to be able to navigate into my Office LAN?
0
first_MCITP
Asked:
first_MCITP
  • 6
  • 6
1 Solution
 
rhandelsCommented:
Did you make sure your routing is in place?? Your VPN clients should receive a good ip address, good DNS server and off course a good default gateway. Also, all computers on your network (or at least the one you would like to connect to) need to have a default gateway for the ip address (or range) your VPN client has. It could be you used a range for your BVPN clients that are not routable thorugh your network..
0
 
first_MCITPAuthor Commented:
you are right, this should happen but i don't know why VPN users are not getting the same GW as the local PC. Knowing that both are getting IP from the same DHCP server
0
 
rhandelsCommented:
Are you sure that your DHCP server is handing out ip addresses to the machines?? If you are using ISA there is a possibility that your ISA server is handing out the ip addresses in stead off your DHCP server itself..
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
first_MCITPAuthor Commented:
How to check it?
0
 
rhandelsCommented:
Do an ipcondig on your VPN machine (and preferably a route print) and check if that ip address is in your DHCP range.
Also, change the ip addresses you set up on your ISA server  for the VPN client to be a class that is outside of your DHCP servers scope.. If they are both in the same scope you can never determen what DHCP server is passing out the ip addresses..
0
 
first_MCITPAuthor Commented:
The DHCP IP range is x.x.x.1 till x.x.x.200 and my isa ip is .254. the IP assigned to the VPN client is x.x.x.119 which is included in DHCP
What do you think?
0
 
rhandelsCommented:
If you look at your ISA server and it's RRAS properties (you are using RRAS for VPN connections right??) check and see if there are any option there if it is giving out ip addresses... If your local clients do have a default gateway and your VPN clients don't i guess they are receiving their ip address from a diferent source..
0
 
first_MCITPAuthor Commented:
no it's not the case, both users and ISA have the same G.W internally and the ISA has a different G.W on the External NIC
0
 
rhandelsCommented:
Sorry, but i believe we are talking about something else.. I mean the configuration of your VPN clients.. The default gateway of your internal servers will be ok, else you would have way more problems than only the VPN clients unable to access the network..

So what you need to find out is if RRAS or your internal DHCP server is handing out ip addresses to the VPN clients. Also, you should check and see if the ip addresses your VPN clients are receiving are being routed ok..
0
 
first_MCITPAuthor Commented:
I configured the DHCP relay Agent on RRAS, the same as it was configured before but it still the same problem
0
 
rhandelsCommented:
Could you please do an ipconfig /all on the VPN clients and post it?? Because in my opinion your VPN clients don't have defasult gateways, or at least have an issue with going externally.. Could you also try to do a tracert to an extrenal site like google when loggenm in with VPN? (so all this needs to be done on the client itself, not the server).
0
 
first_MCITPAuthor Commented:
I solved it Guys;
Whenever you connect to a vpn the same will happen, so the mask will be 255.255.255.255, the IP and the gateway will be the same. Once I created a rule in ISA allowing VPN users to access internal network, it was done and solved.
Now I can access my LAN
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 6
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now