• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1110
  • Last Modified:

VPN clients connect, but can't access network

I am configuring a new PPTP VPN on Server 2008 R2. Remote VPN Users can connect to the new VPN and ping the VPN server, but cannot access the network beyond it: ping requests to any other devices on the network just die.

I'm obviously missing a crucial step. Any ideas?

Thanks!
0
Stuart_Page
Asked:
Stuart_Page
  • 7
  • 7
1 Solution
 
QlemoC++ DeveloperCommented:
When you set up the RRAS server, did you tick the "Allow local network access" (or similar) option?
0
 
Stuart_PageAuthor Commented:
I don't recall such an option. Checking through all of the settings on my current VPN, I don't see anything like what you're describing.

Thanks.
0
 
QlemoC++ DeveloperCommented:
And you are right, that option does not exist.
Did you setup RRAS in Routing mode or only as RAS Server?
0
What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

 
Stuart_PageAuthor Commented:
I don't recall. Is there some way to verify this?
0
 
QlemoC++ DeveloperCommented:
You see that in the RRAS server properties (in RRAS admin MMC).
0
 
Stuart_PageAuthor Commented:
This is just an RRAS server.
0
 
QlemoC++ DeveloperCommented:
Try if switching Routing on helps (it should). I assume the RAS server uses an IP pool of the LAN, either statically assigned or obtained via DHCP? If the RAS IP pool provides addresses from a completely different range, it's getting more complicated.
0
 
Stuart_PageAuthor Commented:
I configured RRAS to use a IP range within one of the DHCP scopes on my DHCP server, so that VPN ip's would be obtained dynamically.

Where to turn on routing?
0
 
Stuart_PageAuthor Commented:
Routing was already checked here...
RRAS routing
0
 
QlemoC++ DeveloperCommented:
It is checked (for IPv4), but you need to set it to "LAN and demand-dial routing".
0
 
Stuart_PageAuthor Commented:
Ok, so the problem was that the VPN was configured on an entirely different subnet from the rest of the network. Once I corrected that issue, traffic began to flow.

Thanks.
0
 
Stuart_PageAuthor Commented:
I found the answer to my question on my own.
0
 
QlemoC++ DeveloperCommented:
Of course it was, hence I recommended to switch demand dial routing on.
0
 
QlemoC++ DeveloperCommented:
BTW, in such cases you usually do not accept any answer but your own, and not award with a grade of "C". That grade bluntly says "was of not much help providing some very general stuff".
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 7
  • 7
Tackle projects and never again get stuck behind a technical roadblock.
Join Now