Can you setup a Bridge through VPN?

[davis]

Hi, I'm forced to use Juniper VPN client to login to VPN.

I have to machines:
1) Laptop running windows xp pro
2) Development machine running windows xp x64 pro (64-bit)

Juniper does not provide a 64-bit VPN driver.

I can connect fine to the VPN using laptop.

I really want to use the x64 machine and I want to set it up so I can
route into the VPN via the laptop when it is connected to the VPN.

Is this possible?

I tried the following...disabling all software firewalling first, and
setting this static route on the x64 machine:

Network Destination Netmask Gateway Interface
Metric
10.0.0.0 255.0.0.0 192.168.10.36 192.168.10.129
1

The home LAN is 192.168.10.0/255.255.255.0
The VPN is 10.0.0.0/255.0.0.0

The laptop is at 192.168.10.36, so I try to ping known
10.0.0.0/255.0.0.0 IP address from x64 (thru laptop) as a test...

I tried creating a software bridge in Windows XP between the VPN
(virtual) adapter and the Wi-Fi adapter on the laptop -- did not work,
so I tore this down and tried:

I tried allowing Internet Connect Sharing on the Laptop VPN (virtual)
apapter -- did not work, so I tore thsi down and tried:

I tried
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\IPEnableRouter
= 0x1 -- did not work (yes, I rebooted to take effect)

I'm guessing that doing something like this would really subvert
network security, and so it is prevented. My LAN is isolated, and I
just want to try to get this to work....any pointers?

Thanks,
Davis

 

[Richard G. Harper]

You're going to need a 64-bit VPN client/driver package, I fear. Sorry.
Alternatively you could install Virtual PC and run your VPN in a VPC
session.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* NEW! Catch my blog ... http://msmvps.com/blogs/rgharper/
* PLEASE post all messages and replies in the newsgroups
* The Website - http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

 

[davis]

You're going to need a 64-bit VPN client/driver package, I fear. Sorry.
Alternatively you could install Virtual PC and run your VPN in a VPC
session.

Hi Rich -- through some trial and error, I did get it to work. Here's
what I did:

IP of laptop on LAN = 192.168.10.36
IP of x64 on LAN = 192.168.10.129
IP of laptop on VPN = 10.170.99.62

Go to Network Settings -> VPN Network Connect Adapter -> Properties ->
Advanced -> Allow Internet Sharing
Picked the Network Interface that has the 192.168.10.36.

Set static route on x64 box:

Active Routes:
Network Destination Netmask Gateway Interface
Metric
10.0.0.0 255.0.0.0 192.168.10.36 192.168.10.129
1

Turned off ZoneAlarm on laptop and x64 box.

I could then ping 10.* addresses from the x64 box through the laptop
VPN tunnel.

The next step was to try to fix DNS. I added additional internal
company DNS server IP addresses to 192.168.10.129 for resolving 10.*
addresses, but it did not work. Since I added them as secondary DNS
lookups, for some reason my primary DNS server 192.168.10.1 would fail,
and would fail final...meaning, it did not appear to go to the
secondary DNS addresses (e.g. 10.170.3.152).

If I run nslookup and set the server to 10.170.3.152, I could resolve
the names fine...so not sure what the problem is there. The quick
solution was just to add the hosts I needed to the windows /etc/hosts
file, and I'm using all the VPN resources I need from the x64 machine
now.

Hope this helps someone else.

 

[davis]

You're going to need a 64-bit VPN client/driver package, I fear. Sorry.
Alternatively you could install Virtual PC and run your VPN in a VPC
session.

Hi Rich -- through some trial and error, I did get it to work. Here's
what I did:

IP of laptop on LAN = 192.168.10.36
IP of x64 on LAN = 192.168.10.129
IP of laptop on VPN = 10.170.99.62

Go to Network Settings -> VPN Network Connect Adapter -> Properties ->
Advanced -> Allow Internet Sharing
Picked the Network Interface that has the 192.168.10.36.

Set static route on x64 box:

Active Routes:
Network Destination Netmask Gateway Interface
Metric
10.0.0.0 255.0.0.0 192.168.10.36 192.168.10.129
1

Turned off ZoneAlarm on laptop and x64 box.

I could then ping 10.* addresses from the x64 box through the laptop
VPN tunnel.

The next step was to try to fix DNS. I added additional internal
company DNS server IP addresses to 192.168.10.129 for resolving 10.*
addresses, but it did not work. Since I added them as secondary DNS
lookups, for some reason my primary DNS server 192.168.10.1 would fail,
and would fail final...meaning, it did not appear to go to the
secondary DNS addresses (e.g. 10.170.3.152).

If I run nslookup and set the server to 10.170.3.152, I could resolve
the names fine...so not sure what the problem is there. The quick
solution was just to add the hosts I needed to the windows /etc/hosts
file, and I'm using all the VPN resources I need from the x64 machine
now.

Hope this helps someone else.