Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Windows 2003 Server RRAS Client Connects But Cannot Ping Anything On The Remote Network

Posted on 2013-05-17
9
Medium Priority
?
1,483 Views
Last Modified: 2013-05-25
I have setup RRAS on a Windows 2003 Server and as a client I can establish a PPTP VPN connection and receive an IP Address on the remote network and can also ping that address. However, I cannot ping anything else. I cannot ping the RRAS server or other devices on the remote network.

Additionally, once I connect to the PPTP VPN, I cannot browse the Internet any longer. Seems like all my traffic is going through the connection and then going nowhere from there.
0
Comment
Question by:Created
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
  • 2
9 Comments
 
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 960 total points
ID: 39176003
You need to edit the properties of the RRAS server and be sure that you select "LAN and demand dial routing" on the General tab.
0
 

Author Comment

by:Created
ID: 39176057
hypercat, It is already in place. I have "Router" selected along with "LAN and demand-dial routing." Below that I have "Remote access server" selected. Any other ideas?
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 39176159
What have you set up as far as assigned the IP addresses to the VPN clients?  I would check that and make sure that it's handing out the right subnet, DNS and gateway addresses.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Created
ID: 39176773
The clients are receiving the right ip addresses and DNS settings, but there seems to be a gateway issue alright. I'm not sure how to set up a gateway and I don't know if it's something that's even done in a normal RRAS VPN setup.
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 960 total points
ID: 39179084
Gateway may be blank, 0.0.0.0, or the same as the PPP/VPN IP which is OK.

Might your local network be using the same subnet as the RRAS server, such as both using 192.168.1.x?  If so you will not be able to connect to any other devices on the RRAS LAN.  Local and remote subnets must be different.

Loss of local internet access is intentional as a security feature but you can enable by unchecking "use remote default gateway" within the VPN client, but if the subnets are the same you will loose access to the RRAS server as well as other devices.  For details see:
http://blog.lan-tech.ca/tag/default-gateway/
0
 

Author Comment

by:Created
ID: 39182239
RobWill,

Are you sure the RRAS server can't share the same IP subnet? We have other RRAS servers at other locations sharing their same local subnet, with their DHCP pools excluded, and they work fine. The only difference is that the server that I'm having problems with is Windows 2003 Server. My other two RRAS servers are setup on Windows 2008 r2 Server.

It's strange, I can connect just fine and receive an IP Address from the server. I can ping the IP address that I receive, but I cannot ping the RRAS sever or anything else on that subnet.

Additionally, from the server I cannot ping the connected client's IP, but on my other RRAS servers, I can ping the connected clients.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39182279
>>"Are you sure the RRAS server can't share the same IP subnet? "
Not sure I explained properly.  RRAS can use the same subnet as the corporate site LAN, that is not a problem, though some (not me) do not recommend that.  The issue is if the The corpoarate LAN and or RRAS uses say 192.168.100.x  then the site from which the VPN client cannot use that as their own local LAN subnet.  Fine for the PPP/VPN adapter, but if thier router hands out 192.168.100.x you will have this problem.

It is a very common problem when using common subnets such as 192.168.0.x and 192.168.1.x  
Subnets on each network segment must be different, that is a basic rule of routing.

Having said that if the "use remote default gateway" option is enabled, which it is by default, you can useually access the server, but no other device on that network.

Perhaps from a client connect to the VPN and then post the results of  ipconfig /all  and also route print
0
 

Accepted Solution

by:
Created earned 0 total points
ID: 39182792
I found the problem... The issue was that the Windows 2003 server had a special NIC Teaming Port that someone on the remote side had plugged it into during setup. So the server was on this special NIC Teaming Port and the RRAS Server was setup on the Local LAN Port. Hence, when the clients connected via PPTP, they were on a separate interface than the server and therefore no communication with it or other devices.
0
 

Author Closing Comment

by:Created
ID: 39196309
I want to make sure that if anyone else runs into this issue, they will have the correct solution. I am only assigning myself the minimum amount of points, which is 20 points.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question