Access local lan after VPN connection

B

Bob Murdoch

I have previously connected to my main client over dialup. I was able to
make the dialup connection, leave it up all day, and work on my local
network/internet, or theirs without trouble.

They have just converted to VPN instead of dialup. I can connect to their
network while the VPN is connected, but I can access my local network or the
internet.

I understand there are some routing table entries that I can make to fix
this problem, but I don't know what to change/add.

Can you help?

thanks,

Bob M..
 
B

Bob Murdoch

Robert L. (MS-MVP) said:
Posting the routing table here may help.
Click to expand...

Thanks Bob - I have included it below.

My workstation is 192.168.0.99, and my local gateway is 192.168.0.2. All
other devices on my local network are in the 192.168.0.* range.


===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 50 56 c0 00 08 ...... VMware Virtual Ethernet Adapter for VMnet8
0x3 ...00 50 56 c0 00 01 ...... VMware Virtual Ethernet Adapter for VMnet1
0x4 ...00 11 43 16 be ce ...... Intel(R) PRO/1000 MTW Network Connection -
Packe
t Scheduler Miniport
0x10006 ...00 05 9a 3c 78 00 ...... Cisco Systems VPN Adapter - Packet
Scheduler
Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 171.17.24.178 171.17.24.177 1
11.0.0.0 255.0.0.0 192.168.0.2 192.168.0.99 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
171.17.16.0 255.255.252.0 192.168.0.2 192.168.0.99 1
171.17.24.176 255.255.255.240 171.17.24.177 171.17.24.177 20
171.17.24.177 255.255.255.255 127.0.0.1 127.0.0.1 20
171.17.255.255 255.255.255.255 171.17.24.177 171.17.24.177 20
192.168.0.0 255.255.255.0 192.168.0.99 192.168.0.99 10
192.168.0.0 255.255.255.0 171.17.24.178 171.17.24.177 10
192.168.0.99 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.0.255 255.255.255.255 192.168.0.99 192.168.0.99 10
192.168.10.0 255.255.255.0 192.168.10.1 192.168.10.1 20
192.168.10.0 255.255.255.0 171.17.24.178 171.17.24.177 20
192.168.10.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.10.255 255.255.255.255 192.168.10.1 192.168.10.1 20
192.168.56.0 255.255.255.0 192.168.56.1 192.168.56.1 20
192.168.56.0 255.255.255.0 171.17.24.178 171.17.24.177 20
192.168.56.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.56.255 255.255.255.255 192.168.56.1 192.168.56.1 20
208.15.90.6 255.255.255.255 192.168.0.2 192.168.0.99 1
224.0.0.0 240.0.0.0 171.17.24.177 171.17.24.177 20
224.0.0.0 240.0.0.0 192.168.0.99 192.168.0.99 10
224.0.0.0 240.0.0.0 192.168.10.1 192.168.10.1 20
224.0.0.0 240.0.0.0 192.168.56.1 192.168.56.1 20
255.255.255.255 255.255.255.255 171.17.24.177 171.17.24.177 1
255.255.255.255 255.255.255.255 192.168.0.99 192.168.0.99 1
255.255.255.255 255.255.255.255 192.168.10.1 192.168.10.1 1
255.255.255.255 255.255.255.255 192.168.56.1 192.168.56.1 1
Default Gateway: 171.17.24.178
===========================================================================
Persistent Routes:
None
 
G

gerryR

Does the remote network use the same IP range as you're local one? if so
you're machine could be conflicting with one on the remote network.
 
R

Robert L. \(MS-MVP\)

Can I assume your client's IP range is 11.0.0.0 /8? Is your computer
multihomed computer? try to disable using default gateway in remote network.
This search result may help. Please post back with the result.

routing issues on vpnCan't access the internal server when remote client
establishes VPN Can't access the Internet while using VPN Can't access the
remote network after ...
www.chicagotech.net/routingissuesonvpn.htm


--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
 
B

Bob Murdoch

Robert L. (MS-MVP) said:
Can I assume your client's IP range is 11.0.0.0 /8? Is your computer
multihomed computer? try to disable using default gateway in remote
network. This search result may help. Please post back with the result.

routing issues on vpnCan't access the internal server when remote client
establishes VPN Can't access the Internet while using VPN Can't access the
remote network after ...
www.chicagotech.net/routingissuesonvpn.htm
Click to expand...

Yes, you are correct about the client's range.

Unfortunately, the Cisco VPN client doesn't have a 'use default gateway on
remote network' option (at least that I can find.

I spoke with the client's IT department, and they won't set up allow a split
tunnel.

Is it possible for me to add a second NIC, and bind the VPN client to it so
that I can still use the first NIC for internet and local lan access?

Bob M..
 
R

Robert L. \(MS-MVP\)

Ok, if it is Cisco VPN, that is different story. I believe you should have
an option to check Allow Local LAN access. For the internet access, you may
have an option to modify the routing table. However, for the security
reason, your IT guys may not like it.

--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
 
B

Bob Murdoch

Robert,
Robert L. (MS-MVP) said:
Ok, if it is Cisco VPN, that is different story. I believe you should have
an option to check Allow Local LAN access. For the internet access, you
may have an option to modify the routing table. However, for the security
reason, your IT guys may not like it.
Click to expand...

Yes, it is Cisco. Checking the Allow Local LAN has no effect (I believe
it's blocked on the server side).

Can you provide some pointers for the routing table modification. I've
tried a number of things, but nothing has worked, and I'm far from an
expert.

As for the IT guys - the VPN access that I have been provided is the same as
that provided to regular employees of the company. All of the resources
that the employees need (ie: email, programs, documentation, etc) are
available on their network. I am contracted developer. I need internet
access for my email, access to my dev lab, newsgroups, etc. I had access to
all of this while connected to them over dial up, but now with VPN I have to
disconnect/reconnect the VPN every time I need to make the context switch.
The IT guys understand this, but don't have the ability to modify the
internal policies (understandably so).

tia,

Bob M..
 
R

Robert L. \(MS-MVP\)

These search result may help.

routing issues on vpnResolution: When establishing VPN to the office A, the
routing table changes. To fix this issue, disable the "Use default gateway
on remote network"" on the ...
www.chicagotech.net/routingissuesonvpn.htm

RoutingRouting. Network Routing Analysis VPN Routing Analysis ...
Routing issue if the LAN and VPN are in different subnets Routing order ...
www.chicagotech.net/routing.htm



--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

LAN-to-Web traffic uses customer's VPN connection 3
XP Home VPN Setup Problem 4
Dial up connection hijacks internet connection 2
Residential ISP VPN Provider 0
Cannot map network drive over VPN, using ADSL 1
XP-Pro VPN client cannot reach XP-Pro VPN server machine, but any other machine in the VPN servers n 4
VPN DNS ISSUES 3
VPN Connectivity 2

Top