DaveKall42
asked on
2008 R2 VPN Clients can only see VPN Server not remote network
I have a 2008 R2 server setup as a VPN server. I am able to log into the VPN. I am able to get DNS resolution for the remote network. I can ping and RDP into the server hosting the VPN service but cannot get past that server to other servers on the network. I have unchecked use the remote gateway etc. I have IP v4 routing enabled. Not sure where else to go from here??
Any help will be greatly appreciated!
Any help will be greatly appreciated!
ASKER
Sure, here it is........
Windows IP Configuration
Host Name . . . . . . . . . . . . :
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . :
PPP adapter
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . :
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.1.1.21(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.1.0.15
10.1.0.16
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet C
ontroller (NDIS 6.20)
Physical Address. . . . . . . . . : 00-26-6C-C7-A8-E5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::50f6:3beb:471d:1592% 12(Preferr ed)
IPv4 Address. . . . . . . . . . . : 192.168.10.39(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, January 17, 2013 11:32:07 AM
Lease Expires . . . . . . . . . . : Saturday, January 19, 2013 8:31:07 AM
Default Gateway . . . . . . . . . : 192.168.10.1
DHCP Server . . . . . . . . . . . : 192.168.10.1
DHCPv6 IAID . . . . . . . . . . . : 352331372
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-81-2D-59-E0 -CA-94-12- ED-4D
DNS Servers . . . . . . . . . . . : 205.171.3.65
205.171.2.65
NetBIOS over Tcpip. . . . . . . . : Enabled
Wireless LAN adapter Wireless Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : E0-CA-94-12-ED-4D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter VMware Network Adapter VMnet1:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet
1
Physical Address. . . . . . . . . : 00-50-56-C0-00-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a5dd:c55d:2d8f:4e7b% 31(Preferr ed)
IPv4 Address. . . . . . . . . . . : 192.168.85.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 520114262
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-81-2D-59-E0 -CA-94-12- ED-4D
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter VMware Network Adapter VMnet8:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet
8
Physical Address. . . . . . . . . : 00-50-56-C0-00-08
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b052:6a74:fc0d:d0e8% 33(Preferr ed)
IPv4 Address. . . . . . . . . . . : 192.168.23.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 553668694
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-81-2D-59-E0 -CA-94-12- ED-4D
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{4D0671FA-7949-489B -8F55-B0D7 F35F524A}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{55B94073-F0E2-476C -AAF8-2098 CF594C01}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{28EDE97B-8C7B-4649 -92F9-3E64 4F2DF189}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{58CC31C2-5CCA-49E4 -995E-B77A B5BA50D5}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Windows IP Configuration
Host Name . . . . . . . . . . . . :
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . :
PPP adapter
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . :
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.1.1.21(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.1.0.15
10.1.0.16
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet C
ontroller (NDIS 6.20)
Physical Address. . . . . . . . . : 00-26-6C-C7-A8-E5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::50f6:3beb:471d:1592%
IPv4 Address. . . . . . . . . . . : 192.168.10.39(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, January 17, 2013 11:32:07 AM
Lease Expires . . . . . . . . . . : Saturday, January 19, 2013 8:31:07 AM
Default Gateway . . . . . . . . . : 192.168.10.1
DHCP Server . . . . . . . . . . . : 192.168.10.1
DHCPv6 IAID . . . . . . . . . . . : 352331372
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-81-2D-59-E0
DNS Servers . . . . . . . . . . . : 205.171.3.65
205.171.2.65
NetBIOS over Tcpip. . . . . . . . : Enabled
Wireless LAN adapter Wireless Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : E0-CA-94-12-ED-4D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter VMware Network Adapter VMnet1:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet
1
Physical Address. . . . . . . . . : 00-50-56-C0-00-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a5dd:c55d:2d8f:4e7b%
IPv4 Address. . . . . . . . . . . : 192.168.85.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 520114262
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-81-2D-59-E0
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter VMware Network Adapter VMnet8:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet
8
Physical Address. . . . . . . . . : 00-50-56-C0-00-08
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b052:6a74:fc0d:d0e8%
IPv4 Address. . . . . . . . . . . : 192.168.23.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 553668694
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-81-2D-59-E0
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{4D0671FA-7949-489B
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{55B94073-F0E2-476C
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{28EDE97B-8C7B-4649
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{58CC31C2-5CCA-49E4
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Is the IP range you're assigning to VPN clients different to what the servers have? I'm guessing no!
For example, your servers are in the 10.0.0.0 255.255.255.0 range.
Your VPN clients are in the 192.168.0.0 255.255.255.0 range.
You can ping the VPN server on 192.168.0.1 (for example) and you can resolve DC1's IP address to 10.0.0.1 (for example)?
Am I right so far?
If so, you need to add a static route to each of your servers so that they all point traffic to the 192.168.0.0 network via the VPN server.
So, if your VPN server is 10.0.0.254 on your LAN, you would do this on each server at the command prompt...
route -p add 192.168.0.0 mask 255.255.255.0 10.0.0.254
Give that a try!
For example, your servers are in the 10.0.0.0 255.255.255.0 range.
Your VPN clients are in the 192.168.0.0 255.255.255.0 range.
You can ping the VPN server on 192.168.0.1 (for example) and you can resolve DC1's IP address to 10.0.0.1 (for example)?
Am I right so far?
If so, you need to add a static route to each of your servers so that they all point traffic to the 192.168.0.0 network via the VPN server.
So, if your VPN server is 10.0.0.254 on your LAN, you would do this on each server at the command prompt...
route -p add 192.168.0.0 mask 255.255.255.0 10.0.0.254
Give that a try!
ASKER
Well my vpn clients are getting IPs from a server on the remote network which is on the same subnet as the VPN server.
So they are on the 10.1.0.x 255.255.248.0 subnet. There is an ip address for the internal adapter on the VPN server which is access by remote access and routing plugin that is 10.1.1.27. The IP address I was assigned by dhcp on the vpn was 10.1.1.25 and it shows up in the dhcp leases on the other server.
So they are on the 10.1.0.x 255.255.248.0 subnet. There is an ip address for the internal adapter on the VPN server which is access by remote access and routing plugin that is 10.1.1.27. The IP address I was assigned by dhcp on the vpn was 10.1.1.25 and it shows up in the dhcp leases on the other server.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I am not sure where you would specifiy static vs dynamic routing on the VPN server? I do not see that option anywhere. I do see where I would could put in static routes though. Also I can ping all internal resources from VPN server.
This is a single NIC VPN server where our firewall is forwarding VPN packets to the server.
At this point DNS is resolving names on the remote network when connected to VPN. I cannot ping any other server besides the VPN server so DNS is not really in question at moment.
This is a single NIC VPN server where our firewall is forwarding VPN packets to the server.
At this point DNS is resolving names on the remote network when connected to VPN. I cannot ping any other server besides the VPN server so DNS is not really in question at moment.
How is DNS resolving names for VPN clients if you can't talk to the DNS server? Or is the VPN server also a DNS server?
To clarify, you don't need to set up static or dynamic routing to allow clients to successfully connect as long as the clients are only connecting to the same subnet as the VPN server (as is this case).
When you say the firewall is forwarding VPN packets to the server, what do you mean?
Can you post the output from the ROUTE PRINT command on a VPN client?
To clarify, you don't need to set up static or dynamic routing to allow clients to successfully connect as long as the clients are only connecting to the same subnet as the VPN server (as is this case).
When you say the firewall is forwarding VPN packets to the server, what do you mean?
Can you post the output from the ROUTE PRINT command on a VPN client?
ASKER
Sure.....
Also, the VPN server is one of the DNS servers yes.
========================== ========== ========== ==
Interface List
35........................ ..
12...00 26 6c c7 a8 e5 ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller
(NDIS 6.20)
10...e0 ca 94 12 ed 4d ......Atheros AR9285 Wireless Network Adapter
31...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
33...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
1......................... ..Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
34...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
36...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
========================== ========== ========== ========== ========== =========
IPv4 Route Table
========================== ========== ========== ========== ========== =========
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.250.1 192.168.250.112 25
10.0.0.0 255.0.0.0 10.1.1.27 10.1.1.19 21
10.1.1.19 255.255.255.255 On-link 10.1.1.19 276
67.131.79.55 255.255.255.255 192.168.250.1 192.168.250.112 26
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.23.0 255.255.255.0 On-link 192.168.23.1 276
192.168.23.1 255.255.255.255 On-link 192.168.23.1 276
192.168.23.255 255.255.255.255 On-link 192.168.23.1 276
192.168.85.0 255.255.255.0 On-link 192.168.85.1 276
192.168.85.1 255.255.255.255 On-link 192.168.85.1 276
192.168.85.255 255.255.255.255 On-link 192.168.85.1 276
192.168.250.0 255.255.255.0 On-link 192.168.250.112 281
192.168.250.112 255.255.255.255 On-link 192.168.250.112 281
192.168.250.255 255.255.255.255 On-link 192.168.250.112 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.250.112 281
224.0.0.0 240.0.0.0 On-link 192.168.85.1 276
224.0.0.0 240.0.0.0 On-link 192.168.23.1 276
224.0.0.0 240.0.0.0 On-link 10.1.1.19 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.250.112 281
255.255.255.255 255.255.255.255 On-link 192.168.85.1 276
255.255.255.255 255.255.255.255 On-link 192.168.23.1 276
255.255.255.255 255.255.255.255 On-link 10.1.1.19 276
========================== ========== ========== ========== ========== =========
Persistent Routes:
None
IPv6 Route Table
========================== ========== ========== ========== ========== =========
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 281 fe80::/64 On-link
31 276 fe80::/64 On-link
33 276 fe80::/64 On-link
10 281 fe80::24ed:42bf:9093:896b/ 128
On-link
31 276 fe80::a5dd:c55d:2d8f:4e7b/ 128
On-link
33 276 fe80::b052:6a74:fc0d:d0e8/ 128
On-link
1 306 ff00::/8 On-link
10 281 ff00::/8 On-link
31 276 ff00::/8 On-link
33 276 ff00::/8 On-link
========================== ========== ========== ========== ========== =========
Persistent Routes:
None
Also, the VPN server is one of the DNS servers yes.
==========================
Interface List
35........................
12...00 26 6c c7 a8 e5 ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller
(NDIS 6.20)
10...e0 ca 94 12 ed 4d ......Atheros AR9285 Wireless Network Adapter
31...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
33...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
1.........................
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
34...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
36...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
==========================
IPv4 Route Table
==========================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.250.1 192.168.250.112 25
10.0.0.0 255.0.0.0 10.1.1.27 10.1.1.19 21
10.1.1.19 255.255.255.255 On-link 10.1.1.19 276
67.131.79.55 255.255.255.255 192.168.250.1 192.168.250.112 26
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.23.0 255.255.255.0 On-link 192.168.23.1 276
192.168.23.1 255.255.255.255 On-link 192.168.23.1 276
192.168.23.255 255.255.255.255 On-link 192.168.23.1 276
192.168.85.0 255.255.255.0 On-link 192.168.85.1 276
192.168.85.1 255.255.255.255 On-link 192.168.85.1 276
192.168.85.255 255.255.255.255 On-link 192.168.85.1 276
192.168.250.0 255.255.255.0 On-link 192.168.250.112 281
192.168.250.112 255.255.255.255 On-link 192.168.250.112 281
192.168.250.255 255.255.255.255 On-link 192.168.250.112 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.250.112 281
224.0.0.0 240.0.0.0 On-link 192.168.85.1 276
224.0.0.0 240.0.0.0 On-link 192.168.23.1 276
224.0.0.0 240.0.0.0 On-link 10.1.1.19 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.250.112 281
255.255.255.255 255.255.255.255 On-link 192.168.85.1 276
255.255.255.255 255.255.255.255 On-link 192.168.23.1 276
255.255.255.255 255.255.255.255 On-link 10.1.1.19 276
==========================
Persistent Routes:
None
IPv6 Route Table
==========================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 281 fe80::/64 On-link
31 276 fe80::/64 On-link
33 276 fe80::/64 On-link
10 281 fe80::24ed:42bf:9093:896b/
On-link
31 276 fe80::a5dd:c55d:2d8f:4e7b/
On-link
33 276 fe80::b052:6a74:fc0d:d0e8/
On-link
1 306 ff00::/8 On-link
10 281 ff00::/8 On-link
31 276 ff00::/8 On-link
33 276 ff00::/8 On-link
==========================
Persistent Routes:
None
Ok, on the VPN client can you add a static route at the command prompt and try talking to the servers?
route add 10.1.0.0 mask 255.255.248.0 <VPN_CLIENT_IP>
You might have to do an IPCONFIG first to determine the IP address assigned to the VPN client if it has changed between connections.
route add 10.1.0.0 mask 255.255.248.0 <VPN_CLIENT_IP>
You might have to do an IPCONFIG first to determine the IP address assigned to the VPN client if it has changed between connections.
ASKER
Actually when I do a tracert from the VPN client to a remote resource it gets to the VPN server PPP interface then drops. Sounds like a routing issue on the server side but I am not sure what route to put in?
If it gets to the VPN server then drops it's probably routing from the servers that fails.
Can you do a trace to the VPN client from a server and post the output?
Can you do a trace to the VPN client from a server and post the output?
The VPN server and the VPN clients are on the 10.1.0.x 255.255.248.0 subnet.
On what subnet is the resource that you are connecting to?
On what subnet is the resource that you are connecting to?
ASKER
Same subnet. remote server 10.1.0.16
Modify the text to remove identifying attributes and then post the text to this forum.
I have a suspicion that you have no default gateway on the adapter that is connected to the VPN.