?
Solved

VPN clients connect, but can't access network

Posted on 2010-11-24
14
Medium Priority
?
1,106 Views
Last Modified: 2012-06-27
I am configuring a new PPTP VPN on Server 2008 R2. Remote VPN Users can connect to the new VPN and ping the VPN server, but cannot access the network beyond it: ping requests to any other devices on the network just die.

I'm obviously missing a crucial step. Any ideas?

Thanks!
0
Comment
Question by:Stuart_Page
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 7
14 Comments
 
LVL 70

Expert Comment

by:Qlemo
ID: 34209901
When you set up the RRAS server, did you tick the "Allow local network access" (or similar) option?
0
 

Author Comment

by:Stuart_Page
ID: 34232683
I don't recall such an option. Checking through all of the settings on my current VPN, I don't see anything like what you're describing.

Thanks.
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 34233203
And you are right, that option does not exist.
Did you setup RRAS in Routing mode or only as RAS Server?
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 

Author Comment

by:Stuart_Page
ID: 34233547
I don't recall. Is there some way to verify this?
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 34234576
You see that in the RRAS server properties (in RRAS admin MMC).
0
 

Author Comment

by:Stuart_Page
ID: 34234647
This is just an RRAS server.
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 34234668
Try if switching Routing on helps (it should). I assume the RAS server uses an IP pool of the LAN, either statically assigned or obtained via DHCP? If the RAS IP pool provides addresses from a completely different range, it's getting more complicated.
0
 

Author Comment

by:Stuart_Page
ID: 34234707
I configured RRAS to use a IP range within one of the DHCP scopes on my DHCP server, so that VPN ip's would be obtained dynamically.

Where to turn on routing?
0
 

Author Comment

by:Stuart_Page
ID: 34234734
Routing was already checked here...
RRAS routing
0
 
LVL 70

Accepted Solution

by:
Qlemo earned 1000 total points
ID: 34234801
It is checked (for IPv4), but you need to set it to "LAN and demand-dial routing".
0
 

Author Comment

by:Stuart_Page
ID: 34345775
Ok, so the problem was that the VPN was configured on an entirely different subnet from the rest of the network. Once I corrected that issue, traffic began to flow.

Thanks.
0
 

Author Closing Comment

by:Stuart_Page
ID: 34345781
I found the answer to my question on my own.
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 34345952
Of course it was, hence I recommended to switch demand dial routing on.
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 34345976
BTW, in such cases you usually do not accept any answer but your own, and not award with a grade of "C". That grade bluntly says "was of not much help providing some very general stuff".
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Suggested Courses

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question