Improve company productivity with a Business Account.Sign Up

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 603
  • Last Modified:

Connected to VPN but no internet?

a friend of mine is trying to connect to our home computer (XP PRO) over VPN.   The VPN is setup correctly (I use a linksys VPN router, PPTP) and works from other locations.

She can successfully connect via VPN.
She can successfully PING my XP PRO box
But she cannot browse the internet,
and she cannot browse my XP box Website

Her norton is disabled.  her firewall is disabled.
I cannot ping her IP from my XP Box, even though she CAN ping my XP box.
Her VPN shows connected on my Linksys router, and pinging me from her machine works, but pinging her from my machine doesn't.

The goal is for her to browse my XP Website from her machine, and both IE and Firefox just display a "waiting for connection" message and hang, not even resulting in an error.  (she also cannot browse any internet website)

I tried everything and am out of ideas.  Anyone have an idea?
  • 6
  • 4
  • 2
1 Solution
Have you verified the machine receives proper DNS and Default gateway information when connecting to the VPN? In many Windows VPN cases the system routes ALL traffic through the VPN so the machine is no longer able to access the local default gateway or the DNS servers to resolve names.

First you might want to check what settings you have - IPCONFIG /ALL
Then you might want to check whether your DNS resolves anything: NSLOOKUP YAHOO.COM
Third, check your routing tables - NETSTAT -NR
Fourth, use traceroute to see where your traffic is going: TRACERT -D YAHOO.COM

All of the commands are supposed to be used in the command prompt, and all are in upper case to make it easier to see them. EVERYTHING in them should be in lower case when you do type them, especially the command line switches.

I would assume you either:

a) are unable to resolve any names because the end point gives you new (faulty) DNS information and the client connecting is no longer able to resolve names properly - nslookup would just fail. Nslookup also shows you which DNS server the machine is trying to use. Running the command both with the VPN  enabled and disabled allows you to easily see what's going on


b) the VPN connection gives your machine a new default gateway but screws up something else in the configuration, making your other machine effectively unable to connect to the internet.

On Win7 you can define whether to use the remote default gateway or not - the settings can be found from the VPN connection properties -> Networking -> IPV4 -> Advanced -> there's a check box on the IP Settings page ("Use default gateway on remote network") - disabling that would allow a Win7 machine to access internet, too. I'm not sure if WinXP had the same checkbox.

Hope some of this helps. It would've been useful if you had posted some information about your level of knowledge about LANs, IP traffic and such. Now I'm just forced to assume you know next to nothing, which would allow you to configure the VPN but not really use it for anything else. If I'm wrong, please let me know how far I am from the target, and we'll get it set up. I've got some XP machines too, they're just at a different location I can reach only tomorrow to check.
arthurh88Author Commented:
hi thanks for your reply.  

She can ping:
But cannot browse:

Her PPTP IP is

She can ping:

But I cannot ping:

Im using straight IP addresses, so DNS and name resolution shouldn't have anything to do with it right?   or am I wrong?
Can she ping your xp by name? Then DNS working fine.

If not check your firewall both native one and the one the anti-virus allow port 80 to pass through to allow http traffic
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

arthurh88Author Commented:
the goal is not for DNS to work.  The goal is simply to browse
I shouldn't need DNS for that.
arthurh88Author Commented:
what i dont understand is how the following can occur (her IP is

1.  She can ping
2.  She cannot browse (on both IE and firefox)
3.  I cannot ping

how can all this happen?  I'm stumped.

if she can ping and get the reply then communication can take place in both ways can you turn off the firewall and check? try turning it off at your end both built in and if any third-party ones are on that as well. if it doesnt work ask her to try on her side.

I would suggest if you have another machine on your network try accessing it on that to rule out any problems on your side
arthurh88Author Commented:
i know its not on my end, because 2 other computers successfully VPN daily to our machine, and can browse no problem!
Ahh, my mistake. I thought you actually wanted to be able to browse the internet through the VPN too.

So, in the light of the new information, the current situation is:

You have a server machine, it has a HTTP server installed, and the port 80 on that machine is not protected by a firewall, at least from the 192.168.2.x network. There are more than one users using the VPN, and at least two of those are able to do exactly what you want without any changes to the configuration. Am I right at this point?

I also assume you can see the ping traffic from her computer to your box in your VPN appliance?

The only things that I can think of at this point - and with this information - is to make sure the local network at her end doesn't conflict with yours. Another might be to try to just telnet to the HTTP port and see if you get any response assuming the person has the required skills. It's not really that hard..
- command prompt
- "telnet 80"
- if it manages to connect, you know you get at least some information
- type "GET / HTTP/1.1" and hit enter twice
- enjoy the HTML code of the startup page

Then again, the last probably doesn't make any difference - I'd assume you get a connection timed out.
arthurh88Author Commented:
i will try that.  i'm beginning to wonder if she has an unknown firewall on her machine.  i am driving out to her house in a few days and will try your suggestions.  your summary was completely correct.

1.  I have http on port 80 open to everyone on network 192.168.2.x
2. I have a linksys VPN router that has a PPTP server with 10 users maximum on my home network
3.  2 people VPN into the linksys, and can browse no problem on
4.  The third person can VPN successfully. The third person can PING and get a reply
5.  The third person cannot browse
6.  While the third person is on a VPN, even though she gets a reply when SHE initiates the Ping, if I try to ping her anywhere on the 192.168.2.x network, there is no reply from her.
VPN to windows xp maximum 3 connections if it helps
arthurh88Author Commented:
its not a VPN to XP, it is a VPN into a linksys VPN router that allows up to 10.
Configure another computer to get
Her PPTP IP if it can connect its not anything from your side. (i mean the firewall blocking that ip). If this trial is successful definitely it has to do something with her firewall.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 6
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now