Redirecting VPN clients so they 'use' the VPN tunnel to access the Internet

Guest

I saw a similar post below that had an issue with the reverse, he wanted to shut the clients off from being able to route internet traffic through his VPN connection. I have the 'reverse' problem. I would like to allow clients who have VPN'd into my server to in turn route internet traffic through that VPN connection. My problem is if I set the client to 'use default gateway on remote network', the VPN client connection hands out the VPN client IP address as the default gateway (not sure if this is the issue or not) and the client can't access the internet at all, it just doesn't find it. If I change the client to 'not' use the default gateway on the remote network and split the tunneling, they find the internet just fine.

The irony is when I'm testing it from home anyways, the routing server is the same server. So local clients use my server as a route to the internet, and that works fine...but if a remote client VPNs into that same server and then tries to access the internet, it can't. I see all the local computers just fine when I establish the VPN connection.
 
Bill Grant

Is your server doing NAT for the local clients? With the standard
setup, the server cannot do NAT for remote clients. The "virtual" interface
to which the remotes connect is not an input to NAT - only the LAN NIC is.

You can fix this from the RRAS console in W2k3. But if you are using W2k,
you need to use a netsh command to make the internal interface an input to
NAT. From a command prompt, do

netsh routing ip nat add interface internal private

notebene said:
I saw a similar post below that had an issue with the reverse, he wanted
to shut the clients off from being able to route internet traffic through
his VPN connection. I have the 'reverse' problem. I would like to allow
clients who have VPN'd into my server to in turn route internet traffic
through that VPN connection. My problem is if I set the client to 'use
default gateway on remote network', the VPN client connection hands out the
VPN client IP address as the default gateway (not sure if this is the issue
or not) and the client can't access the internet at all, it just doesn't
find it. If I change the client to 'not' use the default gateway on the
remote network and split the tunneling, they find the internet just fine.
The irony is when I'm testing it from home anyways, the routing server is
the same server. So local clients use my server as a route to the internet,
and that works fine...but if a remote client VPNs into that same server and
then tries to access the internet, it can't. I see all the local computers
just fine when I establish the VPN connection.
 
