PC Review


Reply
Thread Tools Rate Thread

VPN and NAT - Lan Clients will not connect to internet while VPN running

 
 
Jonathan
Guest
Posts: n/a
 
      17th Aug 2003
I have a windows 2000 server machine with two nic's one
connected to a cable modem and the other to my lan. I
have the server configured to use nat to provide internet
access to lan. When I try to configure a VPN so employees
can access the lan from home, none of the lan computers
can connect to the internet, but internet users can access
the lan. Either one will work by itself, but I can't get
both at the same time.

Cable modem ---- Nic1 ---- Server ---- NIC2 ---- Switch

I know there has to be something I am missing somewhere.
Can someone please help.

Thanks,
Jonathan
 
Reply With Quote
 
 
 
 
Bjoern Wolfgardt
Guest
Posts: n/a
 
      17th Aug 2003
Hi,

check your routing on your server if a VPN user is connected. Maybe the
default route is set to VPN if a VPN User connects.

Do this on your Server:
route print
And on one LAN Client do this:
tracert www.heise.de

pls post your results.

cu
Bjoern Wolfgardt

"Jonathan" <(E-Mail Removed)> schrieb im Newsbeitrag
news:04db01c36482$61d57110$(E-Mail Removed)...
> I have a windows 2000 server machine with two nic's one
> connected to a cable modem and the other to my lan. I
> have the server configured to use nat to provide internet
> access to lan. When I try to configure a VPN so employees
> can access the lan from home, none of the lan computers
> can connect to the internet, but internet users can access
> the lan. Either one will work by itself, but I can't get
> both at the same time.
>
> Cable modem ---- Nic1 ---- Server ---- NIC2 ---- Switch
>
> I know there has to be something I am missing somewhere.
> Can someone please help.
>
> Thanks,
> Jonathan



 
Reply With Quote
 
 
 
 
Bill Grant
Guest
Posts: n/a
 
      18th Aug 2003
What IP addresses are you using? The router to server link must be in a
different IP subnet from the LAN machines. A simple diagram would help. eg

Internet
|
public IP
router
IP?
|
IP?
RRAS
192.168.0.1 dg blank
|
workstations
192.168.0.x dg 192.168.0.1

"Jonathan" <(E-Mail Removed)> wrote in message
news:04db01c36482$61d57110$(E-Mail Removed)...
> I have a windows 2000 server machine with two nic's one
> connected to a cable modem and the other to my lan. I
> have the server configured to use nat to provide internet
> access to lan. When I try to configure a VPN so employees
> can access the lan from home, none of the lan computers
> can connect to the internet, but internet users can access
> the lan. Either one will work by itself, but I can't get
> both at the same time.
>
> Cable modem ---- Nic1 ---- Server ---- NIC2 ---- Switch
>
> I know there has to be something I am missing somewhere.
> Can someone please help.
>
> Thanks,
> Jonathan



 
Reply With Quote
 
Jonathan
Guest
Posts: n/a
 
      18th Aug 2003
In my server the network card connected to the internet
has a static public IP address and the network card
connected to my lan has a static IP of 192.168.0.1 .

Cable modem
|
|
NIC1 - 68.106.154.76
RRAS SERVER
NIC2 - 192.168.0.1
|
|
Workstations have DHCP assigned IP's from 192.168.0.2 -
192.168.0.25

With RAS and VPN running my workstations can ping each
other and the 192.168.0.1 NIC, but cannot ping any IP
addresses outside the lan. As soon as I disable the RAS
and the VPN they can access the internet.


>-----Original Message-----
> What IP addresses are you using? The router to

server link must be in a
>different IP subnet from the LAN machines. A simple

diagram would help. eg
>
>Internet
> |
>public IP
> router
> IP?
> |
> IP?
>RRAS
>192.168.0.1 dg blank
> |
>workstations
>192.168.0.x dg 192.168.0.1
>
>"Jonathan" <(E-Mail Removed)> wrote in message
>news:04db01c36482$61d57110$(E-Mail Removed)...
>> I have a windows 2000 server machine with two nic's one
>> connected to a cable modem and the other to my lan. I
>> have the server configured to use nat to provide

internet
>> access to lan. When I try to configure a VPN so

employees
>> can access the lan from home, none of the lan computers
>> can connect to the internet, but internet users can

access
>> the lan. Either one will work by itself, but I can't get
>> both at the same time.
>>
>> Cable modem ---- Nic1 ---- Server ---- NIC2 ---- Switch
>>
>> I know there has to be something I am missing somewhere.
>> Can someone please help.
>>
>> Thanks,
>> Jonathan

>
>
>.
>

 
Reply With Quote
 
Bill Grant
Guest
Posts: n/a
 
      18th Aug 2003
That doesn't make a lot of sense. If you disable RRAS you disable NAT,
and the private addressed clients shouldn't be able to get to the Internet.

Exactly what is on the public side of the server. Is there a router of
some sort? Are you using PPPoE?

"Jonathan" <(E-Mail Removed)> wrote in message
news:039001c36537$d1ea8480$(E-Mail Removed)...
> In my server the network card connected to the internet
> has a static public IP address and the network card
> connected to my lan has a static IP of 192.168.0.1 .
>
> Cable modem
> |
> |
> NIC1 - 68.106.154.76
> RRAS SERVER
> NIC2 - 192.168.0.1
> |
> |
> Workstations have DHCP assigned IP's from 192.168.0.2 -
> 192.168.0.25
>
> With RAS and VPN running my workstations can ping each
> other and the 192.168.0.1 NIC, but cannot ping any IP
> addresses outside the lan. As soon as I disable the RAS
> and the VPN they can access the internet.
>
>
> >-----Original Message-----
> > What IP addresses are you using? The router to

> server link must be in a
> >different IP subnet from the LAN machines. A simple

> diagram would help. eg
> >
> >Internet
> > |
> >public IP
> > router
> > IP?
> > |
> > IP?
> >RRAS
> >192.168.0.1 dg blank
> > |
> >workstations
> >192.168.0.x dg 192.168.0.1
> >
> >"Jonathan" <(E-Mail Removed)> wrote in message
> >news:04db01c36482$61d57110$(E-Mail Removed)...
> >> I have a windows 2000 server machine with two nic's one
> >> connected to a cable modem and the other to my lan. I
> >> have the server configured to use nat to provide

> internet
> >> access to lan. When I try to configure a VPN so

> employees
> >> can access the lan from home, none of the lan computers
> >> can connect to the internet, but internet users can

> access
> >> the lan. Either one will work by itself, but I can't get
> >> both at the same time.
> >>
> >> Cable modem ---- Nic1 ---- Server ---- NIC2 ---- Switch
> >>
> >> I know there has to be something I am missing somewhere.
> >> Can someone please help.
> >>
> >> Thanks,
> >> Jonathan

> >
> >
> >.
> >



 
Reply With Quote
 
 
 
Reply

Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
VPN Clients behind ADSL NAT Amit Bhatta Microsoft Windows 2000 Networking 2 19th Jun 2004 07:27 AM
Re: VPN routing from NAT to NAT Jeffrey Randow (MVP) Windows XP Work Remotely 13 7th May 2004 12:17 PM
Re: VPN routing from NAT to NAT Sooner Al Windows XP Work Remotely 1 26th Apr 2004 09:39 PM
NAT to NAT Johnny Puuma Windows XP Work Remotely 1 11th Feb 2004 06:06 PM
NAT 1:1 and NAT 1:N Keith W. McCammon Microsoft Windows 2000 Networking 1 17th Dec 2003 07:08 PM


Features
 

Advertising
 

Newsgroups
 


All times are GMT +1. The time now is 07:44 PM.