• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 987
  • Last Modified:

Problems connecting to VPN (PPTP).

I have a router (Draytek Vigor 2930VS) with the VPN service turned on.

Once I connect to it using a manual created VPN connection in Windows I' can succesfully access the network resources.

When I connect using an automated connection profile, created with the Connection Manager Administration Kit (CMAK), I am able to connect but unable to access any network resources.

In both situations (manual/cmak) I used the default settings.
Can anyone tell me what I'm doing wrong/forgetting?

(I have tried this on Windows XP and Windows 7)

Thanks in advance!
Clyde.
0
Clyde_Radcliffe
Asked:
Clyde_Radcliffe
1 Solution
 
bgoeringCommented:
Is it getting a proper IP address?
0
 
bgoeringCommented:
Is it possible the cmak made a l2tp connection instead of pptp? I believe that is the default though I haven't looked at cmak in a while
0
 
q2qCommented:
I suspect  you need to provide routing information for the link.
Take a look at figure 17 and the text above
http://www.isaserver.org/img/upl/vpnkitbeta2/cmak.htm
or
http://blogs.technet.com/b/rrasblog/archive/2007/06/11/split-tunnelling-using-cmak.aspx
I havent used this before but your question sounds as though it is a routing problem, hope the above works.

0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
Rob WilliamsCommented:
Generally this happens if the site from which you are connecting uses the same subnet locally on the VPN client's LAN as the Draytek's LAN, such as both using 192.168.1.x  If this is the case you will either be able to connect but not access any resources, or if the "use remote default gateway" option is selected you will be able to connect and only access the VPN server (Draytek) itself.
If this is the case the only solution is to change the subnet (not subnet mask) at one site or the other. This is why at the Draytek site common subnets such as the following should be avoided:
192.168.0.x, 192.168.1.x, 192.168.2.x
10.0.0.x, 10.10.10.x, 10.1.1.x
172.16.0.x

For the record the Gateway option can be accessed by:  On the VPN client machine right click on the VPN/PPP adapter in network connections and choose properties, then under Networking | Internet protocol IPv4 properties | advanced | check the box "use default gateway on remote network"

Based on your description I suspect the problem is the above, but you can also run into this issue if you have the Draytek assign the VPN PPP client an IP in a different subnet than the Draytek LAN. In this case the client doesn't have the correct routing information. For example:
Draytek LAN = 192.168.100.x
VPN client's LAN = 192.168.1.x
VPN client PPP adapter's current dynamic IP 192.168.200.101
The VPN client in this situation has routing information to connect to the 192.168.200.x network via it's VPN/PPP adapter but no idea how to connect to the 192.168.100.x LAN. In this case the client needs to have the following route added:
route  add  192.168.100.0  mask  192.168.200.101

0
 
Clyde_RadcliffeAuthor Commented:
The network and client shared the same address range. Thanks for the solution RobWill
0
 
Rob WilliamsCommented:
Thanks Clyde_Radcliffe. Glad to hear you were able to resolve.
Cheers!
--Rob
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now