IP address assignment and static routes

R

Richard Prossor

I have a SBS2000 server with 2 Nic's. The recommended set up is to use a
static route for clients connecting to the server via VPN. This is set up
under the IP tab in properties of the server in RRAS. (I am using the range
176.16.0.* which is already in the LAT)

However when I set this up, while the external clients can connect to the
server - this is as far as they get, they cannot connect to anything else on
the network. (cannot even ping)

If I change the address assignment to DHCP, they can connect to the network
and all resources.

I am assuming there must be some setting somewhere that I have set wrong
(maybe in the properties of the external NIC?)

Can anyone shed any light on this?

Regards

Richard Prossor
 
M

Manjari Bonam [MSFT]

(1) Do you have the "Use default gateway on the remote network" unchecked on
the client?
Right clienk the connectoid -> Networking->Select TCP/IP->
properties->Advanced->

This could be the reason for most of the problems. You should have
it checked.
(2) Is your static IP pool different from the private network address?

(3) Please send across the route tables on the client before and after the
VPN connections
(a) with the static IP Pool
(b) With the DHCP assignments.
 
R

Richard Prossor

Thanks for the reply

1) "use default gateway on the remote network" is checked

2) The internal network is in range 192.0.0.*. The static route is in range
172.16.0.*. Both are included in the LAT in ISA.

3) I list below the route print settings for the three scenarios: Linked to
network direct, linked via VPN with DHCP address, Linked via VPN with DHCP
from static range. The last scenario is the one that is recommended but
under this I can only connect to my server and not the rest of the network.
Equally I can connect to the client from the server but not from any of the
other network machines.

My basic understanding is that the server performs the translation for
communication between the two IP ranges for this static route to work. In
the second scenario, because the ip given is in the same range as the
internal network, it works but does not indicate that the server is
performing any translation role.

Hope you can help

Regards

Richard



Route table connected to network



Interface List

0x1 ........................... MS TCP Loopback interface

0x1000003 ...00 50 04 32 37 a6 ...... 3Com EtherLink PCI

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 192.0.0.7 192.0.0.91 1

127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

192.0.0.0 255.255.255.0 192.0.0.91 192.0.0.91 1

192.0.0.91 255.255.255.255 127.0.0.1 127.0.0.1 1

192.0.0.255 255.255.255.255 192.0.0.91 192.0.0.91 1

224.0.0.0 224.0.0.0 192.0.0.91 192.0.0.91 1

255.255.255.255 255.255.255.255 192.0.0.91 192.0.0.91 1

Default Gateway: 192.0.0.7

Persistent Routes:

None



Route table connected via VPN - automatic DHCP

(can connect to whole network but cannot browse via network neighbourhood)



Interface List

0x1 ........................... MS TCP Loopback interface

0x1000003 ...00 50 04 32 37 a6 ...... 3Com EtherLink PCI

0x2000004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface

0x3000005 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 62.136.83.79 62.136.83.79 2

0.0.0.0 0.0.0.0 192.0.0.67 192.0.0.67 1

62.136.83.79 255.255.255.255 127.0.0.1 127.0.0.1 1

62.255.255.255 255.255.255.255 62.136.83.79 62.136.83.79 1

80.176.221.154 255.255.255.255 62.136.83.79 62.136.83.79 1

127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

192.0.0.67 255.255.255.255 127.0.0.1 127.0.0.1 1

192.0.0.255 255.255.255.255 192.0.0.67 192.0.0.67 1

195.92.64.131 255.255.255.255 62.136.83.79 62.136.83.79 1

224.0.0.0 224.0.0.0 62.136.83.79 62.136.83.79 1

224.0.0.0 224.0.0.0 192.0.0.67 192.0.0.67 1

255.255.255.255 255.255.255.255 62.136.83.79 1000003 1

Default Gateway: 192.0.0.67



Persistent Routes:

None



Route table connected via VPN - DHCP static address range 172.16.0.*

(range included in LAT in ISA)



0x1000003 ...00 50 04 32 37 a6 ...... 3Com EtherLink PCI

0x2000004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface

0x5000005 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface

===========================================================================

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 62.136.83.79 62.136.83.79 2

0.0.0.0 0.0.0.0 172.16.0.2 172.16.0.2 1

62.136.83.79 255.255.255.255 127.0.0.1 127.0.0.1 1

62.255.255.255 255.255.255.255 62.136.83.79 62.136.83.79 1

80.176.221.154 255.255.255.255 62.136.83.79 62.136.83.79 1

127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

172.16.0.2 255.255.255.255 127.0.0.1 127.0.0.1 1

172.16.255.255 255.255.255.255 172.16.0.2 172.16.0.2 1

195.92.64.131 255.255.255.255 62.136.83.79 62.136.83.79 1

224.0.0.0 224.0.0.0 62.136.83.79 62.136.83.79 1

224.0.0.0 224.0.0.0 172.16.0.2 172.16.0.2 1

255.255.255.255 255.255.255.255 62.136.83.79 1000003 1

Default Gateway: 172.16.0.2

===========================================================================

Persistent Routes:

None
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Win2000 RRAS routing problem 1
Internal adaptor IP address 1
2K RRAS not routing for vpn clients 3
Static routing 2
How To Assign Private IP To VPN Client 4
Server 2008 RAS Only allowing clients to see local subnet 0
2nd route to LAN added when client connects 6
RAS VPN 1 Nic Routing? Problem 8

Top