VPN Server HELP!

[Rob]

HELP! I have a windows 2000 vpn server which is updating its static routes
in favor of a "PPP adapter RAS Server (Dial In) Interface:" IP (SEE BELOW)
but the routes should be assigned to our Private adapter. When this happens
ther server and VPN users can't hit our other networks listed in the static
route table. I've checked the system eventlog and it lists an Event ID:
20088 which states the Remote Access Server Acquired IP Address
172.16.27.125 to be used on the server adapter. When I check the
configuration for Routing and Remote Access, the Static Routes under IP
Routing still lists the proper routes and are dumping accross my Private
adapter. When I do an IP config I see the routes updated with the
172.16.27.125 address which happens to be the first address in the servers
Static IP Pool.

Why would the server assign this address? I have two NIC's in the server, a
Public address and Private Address shouldnt the VPN server be using the
Private address for its routing to other networks? We did make a change a
few days prior to this happening, we began assigning Static IP's to our user
accounts on the server. I updated the servers static IP pool so it would'nt
interfere with the ip's that were assigned to user accounts, could this be
related?

I'm sure you'll need more info but i'm not sure where to start on this.

PPP adapter RAS Server (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.16.27.125
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . :

Thanks-ROB

 

[Phillip Windell]

HELP! I have a windows 2000 vpn server which is updating its static routes
in favor of a "PPP adapter RAS Server (Dial In) Interface:" IP (SEE BELOW)
but the routes should be assigned to our Private adapter.
When this happens ther server and VPN users can't hit our other networks listed in the
static route table.

What you're doing isn't the way to make that happen anyway. The way to make
that happen is for the user to enable "Use Gateway on Remote Network" in the
TCP/IP settings of thier dial-up Connectiod.

I've checked the system eventlog and it lists an Event ID:
20088 which states the Remote Access Server Acquired IP Address
172.16.27.125 to be used on the server adapter. When I check the
configuration for Routing and Remote Access, the Static Routes under IP
Routing still lists the proper routes and are dumping accross my Private
adapter. When I do an IP config I see the routes updated with the
172.16.27.125 address which happens to be the first address in the servers
Static IP Pool.

That's what it is supposed to do. I don't see anything wrong with it.
You can always clear the Routing Table and reboot to clean it up if you are
in doubt of it. From a command prompt type "Route -r", then reboot.

Private address for its routing to other networks? We did make a change a
few days prior to this happening, we began assigning Static IP's to our user
accounts on the server. I updated the servers static IP pool so it would'nt
interfere with the ip's that were assigned to user accounts, could this be
related?

User accounts don't have IP addresses, only interfaces do. How in the world
did you add an IP# to a user account.

 

[Rob]

Thanks for replying Phillip.

I beleive your referring too "Use Default Gateway on Remote Network" found
on the General Tab under the Advanced TCP/IP settings. This is enabled but
the server only has 1 default gateway and its assigned to the public Nic. I
don't have a Default gateway assigned to the private nic since you can only
have 1 default gateway, I want the server to use the Public gateway so users
can connect to the private address. When users connect to VPN they are
assigned the Private NIC's gateway which is null so I had to add static
routes for the server/users to hit the other networks.

As for assigning the IP address to the user accounts I was able to do so by
accessing the account properties > Dial-In (tab) > Assign Static IP

-Rob

 

[Phillip Windell]

I beleive your referring too "Use Default Gateway on Remote Network" found
on the General Tab under the Advanced TCP/IP settings. This is enabled but
the server only has 1 default gateway and its assigned to the public Nic. I
don't have a Default gateway assigned to the private nic since you can only
have 1 default gateway,

Ok, that's fine.

I want the server to use the Public gateway so users
can connect to the private address.

Use Public Gateway to access Private Address?....Sorry that doens't make any
sense to me.

When users connect to VPN they are
assigned the Private NIC's gateway which is null so I had to add static
routes for the server/users to hit the other networks.

So,...you add the static Routes and it works?, right? I must be missing
something.

As for assigning the IP address to the user accounts I was able to do so by
accessing the account properties > Dial-In (tab) > Assign Static IP

OK...