Solved

VPN connection setup help

Posted on 2011-03-01
5
451 Views
Last Modified: 2012-05-11
We have a company placed in a  foreign country that needs to be connected to our domain network placed in another country using VPN connection. That is the main conception.
I did the following:
- I have configured the domain server to accept incoming VPN PPTP connection
- I have configured the client VPN connection
It is working but the problem is that every time the client connects to server using VPN it seems that all the internet traffic is relayed to the VPN connection. Other words when the connection is placed the internet traffic and everything goes through the vpn ONLY!
I have tried to change the clients local subnet so now they are: (for example I give you 1 PC's settings)
LAN settings / client side:
IP:           192.168.1.2
Subnet:  255.255.255.0
GW:        192.168.1.1
DNS:      192.168.1.1

VPN settings / client side:
IP: 192.168.0.151
Gateway, dns: automatic

LAN settings / server side:
IP:          192.168.0.6
subnet: 255.255.255.0
GW:       192.168.0.4
DNS:     192.168.0.6

How should I set up the VPN connection to be totally separate  from LAN traffic, because for example when I want to download a file on the client computer it starts to download through VPN.

Thanks in advance.


0
Comment
Question by:textura
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 1

Expert Comment

by:roddymatheson
ID: 35006610
This is normal behaviour. The VPN you have set up effectively puts your client machine on the remote network. If you want to download a file that doesn't reside on the remote network, you'd be best to disconnect from the VPN first.

As an alternative, you could set up a router to router/server VPN and adjust your hosts file to resolve server names across the VPN to your  remote network subnet. This way all traffic to and from the remote network will go via your VPN and other traffic will go through your local connection.
0
 
LVL 4

Accepted Solution

by:
nexusds earned 250 total points
ID: 35006907
turn off default gateways and add a route manually for the other subnet (or in a batch file).. or use RRAS between servers if you have. Better again is use hardware routers using IPSec for better performance .. also PPTP takes some headroom on your packets and lowers or can even cause MTU problems (holes) depending on the internet connection types at each end.
0
 

Author Comment

by:textura
ID: 35006971
How professional should be a router like this, because i have a symantec gateway 320 but i don't know how should i set it up behind a router.
Can you help me regarding this?
0
 
LVL 1

Assisted Solution

by:roddymatheson
roddymatheson earned 250 total points
ID: 35007339
I'm not familiar with the Symantec Gateway 320 but even most basic home routers have a firewall/NAT that allow you to forward PPTP (port 1723) traffic and most these days are able to act as a basic VPN endpoint so I'd be very surprised if this isn't the case with your Gateway.

If you are using the gateway was your end point, you'll need to make sure that your router is forwarding PPTP traffic to the Gateway's IP address. The Gateway should have some VPN facilities for either listening for or dialling out and entering a login for the remote router to authenticate against. PPTP is easiest to set up and should allow you to get it working quickly. once you're happy you understand how it works and have the devices talking and traffic routing, you might want to change to IPSEC for the reasons nexusds mentioned - assuming the Symantec gateway supports IPSEC. If there are no VPN endpoint facilities on the Gateway, you'll need to set up a 2nd port forward but this time on the Gateway so that PPTP traffic is directed to your server's IP address.
0
 
LVL 1

Expert Comment

by:roddymatheson
ID: 35007363
I meant to say, your router may have a VPN passthrough facility which you may need to adjust depending on whether you are using the router as a VPN listener or not. Off if you are using router as VPN endpoint, otherwise turn the passthrough on.
0

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Deploying a Microsoft Access application in a Citrix environment is not difficult but takes a few steps. However, Citrix system people are often of little help, as they typically know next to nothing about Access. The script provided here will take …
If you are thinking of adopting cloud services, or just curious as to what ‘the cloud’ can offer then the leader according to Gartner for Infrastructure as a Service (IaaS) is Amazon Web Services (AWS).  When I started using AWS I was completely new…
Viewers will learn the different options available in the Backstage view in Excel 2013.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question