VPN routing problems?

B

Brian Heil

RAS question

I've got a Windows 2000 DC behind a NAT router (d-link Di704p rev B.) and a
windows 2000 domain member server doing VPN.
The DC is handing out DHCP addresses (192.168.1.100-199) and is the DNS server
for the domain.

D-Link IP: 192.168.1.1
DC IP Address: 192.168.1.254

VPN Server has 2 NICs
LAN NIC: 192.168.1.252
LAN Netmask: 255.255.255.0
LAN Gateway: 192.168.1.1

VPN NIC: 192.168.1.253
VPN Netmask: 255.255.255.0
VPN Gateway: 192.168.1.1

The D-Link router has ports 1723, 500, 50 and 51 redirected to the VPN NIC
server (192.168.1.253)

Routing and Remote Access was set up using the VPN NIC and a DHCP relay agent
is set up on the VPN server.

I can connect to the VPN server from a client on the internet, and ping both
the 1.252, and 1.253 interfaces.
I can also ping 192.168.1.1 and of course the VPN interface of my internet
client (say 192.168.1.120).

What I can't do is ping the DC (192.168.1.254) or in fact any client on the
192.168.1.x network. Sort of.
Sometimes, I can get 1 reply from a particular machine, then the request times
out. Once I could actually ping the DC, but after disconnecting and
reconnecting I no longer could.

Can anyone help me out here? What am I doing wrong?

Here is the ipconfig /all output on the client when connected:

<local adapter info removed>
PPP adapter VPNConnection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.123
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.1.254
209.253.171.61

And the output of route print on the client when connected:
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x140003 ...00 bb db 77 66 cc ...... 3Com 3C920 Integrated Fast Ethernet
Controller (3C905C-TX Compatible)
0x3d0004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 128.255.100.1 128.255.100.109 20
65.241.200.50 255.255.255.255 128.255.100.1 128.255.100.109 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
128.255.100.0 255.255.252.0 128.255.100.109 128.255.100.109 20
128.255.100.109 255.255.255.255 127.0.0.1 127.0.0.1 20
128.255.255.255 255.255.255.255 128.255.100.109 128.255.100.109 20
192.168.1.0 255.255.255.0 192.168.1.123 192.168.1.123 1
192.168.1.0 255.255.255.0 192.168.1.123 192.168.1.123 1
192.168.1.123 255.255.255.255 127.0.0.1 127.0.0.1 50
192.168.1.255 255.255.255.255 192.168.1.123 192.168.1.123 50
224.0.0.0 240.0.0.0 128.255.100.109 128.255.100.109 20
224.0.0.0 240.0.0.0 192.168.1.123 192.168.1.123 50
255.255.255.255 255.255.255.255 128.255.100.109 128.255.100.109 1
Default Gateway: 128.255.100.1
===========================================================================
Persistent Routes:
None

now the ipconfig /all on the server when the client is connected:
Ethernet adapter VPN:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82546EB Based Dual Port
Network Connection
Physical Address. . . . . . . . . : 00-77-99-06-75-B6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.253
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.254
209.253.171.61
209.253.171.60

Ethernet adapter LAN:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82546EB Based Dual Port
Network Connection #2
Physical Address. . . . . . . . . : 00-77-99-06-75-B7
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.252
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.1.254
209.253.171.61
209.253.171.60

PPP adapter RAS Server (Dial In) Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.124
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . :

And the output of route print on the server:
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x1000002 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
0x1000003 ...00 77 99 06 75 b7 ...... Intel(R) 82546EB Based Dual Port Network
Connection
0x1000004 ...00 77 99 06 75 b6 ...... Intel(R) 82546EB Based Dual Port Network
Connection
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.253 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
128.255.100.109 255.255.255.255 192.168.1.1 192.168.1.253 1
192.168.1.0 255.255.255.0 192.168.1.252 192.168.1.252 1
192.168.1.123 255.255.255.255 192.168.1.124 192.168.1.124 1
192.168.1.124 255.255.255.255 127.0.0.1 127.0.0.1 1
192.168.1.252 255.255.255.255 127.0.0.1 127.0.0.1 1
192.168.1.253 255.255.255.255 127.0.0.1 127.0.0.1 1
192.168.1.255 255.255.255.255 192.168.1.252 192.168.1.252 1
192.168.1.255 255.255.255.255 192.168.1.253 192.168.1.253 1
224.0.0.0 224.0.0.0 192.168.1.252 192.168.1.252 1
224.0.0.0 224.0.0.0 192.168.1.253 192.168.1.253 1
255.255.255.255 255.255.255.255 192.168.1.252 192.168.1.252 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None




-
Brian Heil (319) 335-0675 | Stay Alert! | Technology Services
Senior Programmer Analyst | Trust No One! | University of Iowa
(e-mail address removed) | Keep Your Laser Handy | College of Business
 
R

Robert L [MS-MVP]

this may help quoted from http://www25.brinkster.com/ChicagoTech
Can't access the remote network at home only

Symptoms: you setup VPN on a laptop connecting to the office VPN Server.
At home, you can connect and authenticate just fine but can't ping any
address on the remote network. If using the same laptop in a different
location, the VPN works.

Cause: The problem is the home LAN (VPN client) using the same IP and Subnet
as the remote LAN you were trying to dial into.
--
For more and other information, go to
http://www25.brinkster.com/ChicagoTech


Don't send e-mail or reply to me except you need consulting services.
Posting on MS newsgroup will benefit all readers and you may get more help.

Robert Lin, MS-MVP, MCSE & CNE
Windows & Network Support, Tips and FAQs on
http://www25.brinkster.com/ChicagoTech
This posting is provided "AS IS" with no warranties.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Desperate Housewife needs help with Windows 2000 Server vpn setup 5
Cannot get NAT to route in RRAS 4
Routing 1
RRAS: Problems with NAT 4
Site-to-Site VPN 0
routing ras problem 3
Client VPN Issues 1
VPN connection established, but nothing else works 5

Top