Windows 2003 Server RRAS Client Connects But Cannot Ping Anything On The Remote Network

I have setup RRAS on a Windows 2003 Server and as a client I can establish a PPTP VPN connection and receive an IP Address on the remote network and can also ping that address. However, I cannot ping anything else. I cannot ping the RRAS server or other devices on the remote network.

Additionally, once I connect to the PPTP VPN, I cannot browse the Internet any longer. Seems like all my traffic is going through the connection and then going nowhere from there.
CreatedAsked:
Who is Participating?
 
CreatedAuthor Commented:
I found the problem... The issue was that the Windows 2003 server had a special NIC Teaming Port that someone on the remote side had plugged it into during setup. So the server was on this special NIC Teaming Port and the RRAS Server was setup on the Local LAN Port. Hence, when the clients connected via PPTP, they were on a separate interface than the server and therefore no communication with it or other devices.
0
 
Hypercat (Deb)Commented:
You need to edit the properties of the RRAS server and be sure that you select "LAN and demand dial routing" on the General tab.
0
 
CreatedAuthor Commented:
hypercat, It is already in place. I have "Router" selected along with "LAN and demand-dial routing." Below that I have "Remote access server" selected. Any other ideas?
0
On-Demand: Securing Your Wi-Fi for Summer Travel

Traveling this summer?Check out our on-demand webinar to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

 
Hypercat (Deb)Commented:
What have you set up as far as assigned the IP addresses to the VPN clients?  I would check that and make sure that it's handing out the right subnet, DNS and gateway addresses.
0
 
CreatedAuthor Commented:
The clients are receiving the right ip addresses and DNS settings, but there seems to be a gateway issue alright. I'm not sure how to set up a gateway and I don't know if it's something that's even done in a normal RRAS VPN setup.
0
 
Rob WilliamsCommented:
Gateway may be blank, 0.0.0.0, or the same as the PPP/VPN IP which is OK.

Might your local network be using the same subnet as the RRAS server, such as both using 192.168.1.x?  If so you will not be able to connect to any other devices on the RRAS LAN.  Local and remote subnets must be different.

Loss of local internet access is intentional as a security feature but you can enable by unchecking "use remote default gateway" within the VPN client, but if the subnets are the same you will loose access to the RRAS server as well as other devices.  For details see:
http://blog.lan-tech.ca/tag/default-gateway/
0
 
CreatedAuthor Commented:
RobWill,

Are you sure the RRAS server can't share the same IP subnet? We have other RRAS servers at other locations sharing their same local subnet, with their DHCP pools excluded, and they work fine. The only difference is that the server that I'm having problems with is Windows 2003 Server. My other two RRAS servers are setup on Windows 2008 r2 Server.

It's strange, I can connect just fine and receive an IP Address from the server. I can ping the IP address that I receive, but I cannot ping the RRAS sever or anything else on that subnet.

Additionally, from the server I cannot ping the connected client's IP, but on my other RRAS servers, I can ping the connected clients.
0
 
Rob WilliamsCommented:
>>"Are you sure the RRAS server can't share the same IP subnet? "
Not sure I explained properly.  RRAS can use the same subnet as the corporate site LAN, that is not a problem, though some (not me) do not recommend that.  The issue is if the The corpoarate LAN and or RRAS uses say 192.168.100.x  then the site from which the VPN client cannot use that as their own local LAN subnet.  Fine for the PPP/VPN adapter, but if thier router hands out 192.168.100.x you will have this problem.

It is a very common problem when using common subnets such as 192.168.0.x and 192.168.1.x  
Subnets on each network segment must be different, that is a basic rule of routing.

Having said that if the "use remote default gateway" option is enabled, which it is by default, you can useually access the server, but no other device on that network.

Perhaps from a client connect to the VPN and then post the results of  ipconfig /all  and also route print
0
 
CreatedAuthor Commented:
I want to make sure that if anyone else runs into this issue, they will have the correct solution. I am only assigning myself the minimum amount of points, which is 20 points.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.