How to set so my client machines can share VPN by a RRAS, thanks!

[davidw]

I have a hardware router, it is IP is 192.168.71.1, and I have two
computers, one is 192.168.71.100, another is 192.168.71.101, both access
Internet by the router, so they have gateway set to 192.168.71.1


I setup RRAS on the 100 server, and Demand-Dial VPN interface. It works
fine on 100, I can access remote network. (IP range is 192.168.0.?)

What I want to archieve now is make 101 machine access the remote network by
VPN on RRAS. It seems I just need redirect traffic on 101 to 100 and then
go out by the VPN interface. But I have no clue how to set it.

Any suggestion?

thanks!

 

[Robert L [MS-MVP]]

It depends on your router, you may be able to point all traffic to 192.168.0..0 to he RRAS. If not, you need to add route the 192.168.71.101. the command like this: route add 192.168.0.0 mask 255.255.255.0 192.168.71.100.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
I have a hardware router, it is IP is 192.168.71.1, and I have two
computers, one is 192.168.71.100, another is 192.168.71.101, both access
Internet by the router, so they have gateway set to 192.168.71.1


I setup RRAS on the 100 server, and Demand-Dial VPN interface. It works
fine on 100, I can access remote network. (IP range is 192.168.0.?)

What I want to archieve now is make 101 machine access the remote network by
VPN on RRAS. It seems I just need redirect traffic on 101 to 100 and then
go out by the VPN interface. But I have no clue how to set it.

Any suggestion?

thanks!

 

[davidw]

I did that, but it doesn't work. someone said I need add NAT on my RRAS.
It depends on your router, you may be able to point all traffic to 192.168.0..0 to he RRAS. If not, you need to add route the 192.168.71.101. the command like this: route add 192.168.0.0 mask 255.255.255.0 192.168.71.100.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
I have a hardware router, it is IP is 192.168.71.1, and I have two
computers, one is 192.168.71.100, another is 192.168.71.101, both access
Internet by the router, so they have gateway set to 192.168.71.1


I setup RRAS on the 100 server, and Demand-Dial VPN interface. It works
fine on 100, I can access remote network. (IP range is 192.168.0.?)

What I want to archieve now is make 101 machine access the remote network by
VPN on RRAS. It seems I just need redirect traffic on 101 to 100 and then
go out by the VPN interface. But I have no clue how to set it.

Any suggestion?

thanks!

 

[Robert L [MS-MVP]]

Posting the result of ipconfig /all on the RRAS may help. Or use tracert command to find out where it goes.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
I did that, but it doesn't work. someone said I need add NAT on my RRAS.
It depends on your router, you may be able to point all traffic to 192.168.0..0 to he RRAS. If not, you need to add route the 192.168.71.101. the command like this: route add 192.168.0.0 mask 255.255.255.0 192.168.71.100.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
I have a hardware router, it is IP is 192.168.71.1, and I have two
computers, one is 192.168.71.100, another is 192.168.71.101, both access
Internet by the router, so they have gateway set to 192.168.71.1


I setup RRAS on the 100 server, and Demand-Dial VPN interface. It works
fine on 100, I can access remote network. (IP range is 192.168.0.?)

What I want to archieve now is make 101 machine access the remote network by
VPN on RRAS. It seems I just need redirect traffic on 101 to 100 and then
go out by the VPN interface. But I have no clue how to set it.

Any suggestion?

thanks!

 

[Bill Grant]

The reason it doesn't work is this. When you make a VPN connection, the
VPN "server" which you connect to sets up a host route back to the "client"
machine. So the calling machine can route traffic through the VPN
connection. Other machines cannot use the connection, because the server
does not have a route for them - it only has a route through the tunnel for
the one machine. The second machine would need to make its own VPN
connection to the remote site.

The proper way to link one subnet to another is to use a LAN to LAN (or
router to router) VPN connection. This allows you to specify subnet routes
through the VPN connection on both routers. But you need to set it up on
both the "calling" and "answering" routers.

You could try NAT, but it would mean rearranging your network. The
"private" side of NAT would need to be in a different IP subnet from the
LAN's 192.168.71.0 . Your router is already doing NAT for 192.168.71.0 .

 

[davidw]

I want to use a RRAS because when I call in same remote network from more
than one of my machines, they kind conflict with each other. And I thought
RRAS is a more neat solution.

Are you suggesting people are really using it?

I think I am doing LAN to LAN, the remote is 192.168.0.?, the private side
is 192.168.71.? , are you saying I need another IP range that differents
from the above two for NAT? How should I do that?

Thanks!

 

[Bill Grant]

To use a LAN to LAN VPN, both servers must be configured with
demand-dial interfaces, and subnet routes must be linked to these interfaces
to route subnet traffic through the tunnel.