RRAS Demand-dial VPN

[RS]

Here's the problem, I'm trying to set up a server that allows clients to
access demand-dial VPN connections from a central server.
I've set up a demand-dial interface in RRAS, the interface connects just
fine when clients try to access an IP on this interface, the problem is
that once the interface has connected and the VPN tunnel is up, the
server is the only one that can access IP's on this range ... clients
can't even ping through the VPN tunnel.

here are some detail :
LAN : 192.168.100.0/24

VPN interface (one of them) : 192.168.135.0/24

the static route created in the RRAS is 192.168.135.0 / 255.255.255.0

I Hope someone can help

best regards
René

 

[Pawan Agarwal [MSFT]]

Hi,

What I got from your problem is you have network like this
LAN ---- SERVER =======<Some remote network>

====== Demand-dial connection

You can ping from server to remote network via Demand-dial connection.
However you are not able to ping from LAN to remote network.

what seems to be happening is
Right now you seem to be able to reach remote network from both LAN and
server. However you are not able to come back from remote network to the
clients in LAN.
Reason for this could be that you don't have any route to forward packets
for client on LAN from your remote network. That's why ping-packets are able
to reach remote network and get demand-dial up. However while trying to
comeback they do not find a path to clients on LAN.
To solve this :
You need to create static route on the other side of your VPN Tunnel (ie on
remote network) to route the client address to your central server through
demand-dial connection.

Thanks
Pawan

This posting is provided "AS IS" with no warranties, and confers no rights.