VPN connections issue

A

aba169

I've recently set up a VPN that uses dhcp on an RRAS
server on our network to give out ip addresses. Remote
clients can connect to the internal network but cannot map
to any network resources. The remote clients can ping
internal machines by IP address but not by name.

The ip address assigned to the client is within the
defined scope but the subnet mask is showing as
255.255.255.255 and the gateway shows as the ip address
that was assigned by the DHCP server.

I'm guessing I have a name resolution issue but what else?
How can I correct the subnet mask and provide network
browsing for VPN clients?

Thanks in advance!
 
P

Pawan Agarwal \(MSFT\)

Subnet mask for vpn client interface is always 255.255.255.255.
1) You should do "route print" to see whether you have any default route
using your vpn interface was added or no.
Check to make sure that "Use default gateway on remote network" check box at
properties of vpn client interface --> networking tab --> tcp ip -->
properties button --> advanced button --> general tab.
If this check-box is cheked then a default route is added,with vpn server as
default gateway, whenever vpn connection is made.
2) Do tracert -d <internal machine> to see what path is taken packets and
confirm that they are going via vpn server.
3) Is access to internal machines by ip address (ie net use <interna machine
ip>) also failing. If ping works then access by ip-address should also work.
4) For name resolution to happen properly see if you are getting proper dns
server (by ipconfig /all for vpn client interface).

Hope it helps
-Pawan
 
A

aba169

Thanks for the help. With some changes I am now able to
map drives using net use through dos & also explorer. When
I try to browse the network I get a message that the list
of servers is not available. When I do the tracert you
suggested the first hop listed shows an IP address that is
inside the DHCP scope (the 111.111.111.221 shown below).

It seems like this should be either the VPN server IP or
the DHCP server IP, not another DHCP client address???

The "use default gateway" selection is checked on the
remote vpn client.

Shoudn't I be able to "browse" the network?

tracert -d dss-myserver.dss.com
Tracing route to dss-myserver.dss.com [111.111.111.194]
over a maximum of 30 hops:
1 <10 ms <10 ms <10 ms 111.111.111.221
2 <10 ms <10 ms <10 ms 111.111.111.194

DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 111.111.111.219
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 111.111.111.194
111.111.111.194
Primary WINS Server . . . . . . . : 111.111.111.194
Thanks again!!!
 
B

Bill Grant

Browsing usually doesn't work in a case like this. Browsing depends on
LAN broadcasts, and these don't cross routers or dialup links. So your
remote client won't appear in the LAN browse list, and your remote client
won't see the LAN master browser.

aba169 said:
Thanks for the help. With some changes I am now able to
map drives using net use through dos & also explorer. When
I try to browse the network I get a message that the list
of servers is not available. When I do the tracert you
suggested the first hop listed shows an IP address that is
inside the DHCP scope (the 111.111.111.221 shown below).

It seems like this should be either the VPN server IP or
the DHCP server IP, not another DHCP client address???

The "use default gateway" selection is checked on the
remote vpn client.

Shoudn't I be able to "browse" the network?

tracert -d dss-myserver.dss.com
Tracing route to dss-myserver.dss.com [111.111.111.194]
over a maximum of 30 hops:
1 <10 ms <10 ms <10 ms 111.111.111.221
2 <10 ms <10 ms <10 ms 111.111.111.194

DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 111.111.111.219
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 111.111.111.194
111.111.111.194
Primary WINS Server . . . . . . . : 111.111.111.194
Thanks again!!!
-----Original Message-----
Subnet mask for vpn client interface is always 255.255.255.255.
1) You should do "route print" to see whether you have any default route
using your vpn interface was added or no.
Check to make sure that "Use default gateway on remote network" check box at
properties of vpn client interface --> networking tab --> tcp ip -->
properties button --> advanced button --> general tab.
If this check-box is cheked then a default route is added,with vpn server as
default gateway, whenever vpn connection is made.
2) Do tracert -d <internal machine> to see what path is taken packets and
confirm that they are going via vpn server.
3) Is access to internal machines by ip address (ie net use <interna machine
ip>) also failing. If ping works then access by ip- address should also work.
4) For name resolution to happen properly see if you are getting proper dns
server (by ipconfig /all for vpn client interface).

Hope it helps
-Pawan

--
---------------------------------------------------------- ---------------
"This posting is provided "AS IS" with no warranties, and confers no
rights."
---------------------------------------------------------- --------------




.
Click to expand...
Click to expand...
 
A

aba169

Thanks a lot for that info, I glad you added that or eles
I'd be hunting for an answer that didn't exist.

I appreciate everyone's help.

-----Original Message-----
Browsing usually doesn't work in a case like this. Browsing depends on
LAN broadcasts, and these don't cross routers or dialup links. So your
remote client won't appear in the LAN browse list, and your remote client
won't see the LAN master browser.

Thanks for the help. With some changes I am now able to
map drives using net use through dos & also explorer. When
I try to browse the network I get a message that the list
of servers is not available. When I do the tracert you
suggested the first hop listed shows an IP address that is
inside the DHCP scope (the 111.111.111.221 shown below).

It seems like this should be either the VPN server IP or
the DHCP server IP, not another DHCP client address???

The "use default gateway" selection is checked on the
remote vpn client.

Shoudn't I be able to "browse" the network?

tracert -d dss-myserver.dss.com
Tracing route to dss-myserver.dss.com [111.111.111.194]
over a maximum of 30 hops:
1 <10 ms <10 ms <10 ms 111.111.111.221
2 <10 ms <10 ms <10 ms 111.111.111.194

DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 111.111.111.219
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 111.111.111.194
111.111.111.194
Primary WINS Server . . . . . . . : 111.111.111.194
Thanks again!!!
-----Original Message-----
Subnet mask for vpn client interface is always 255.255.255.255.
1) You should do "route print" to see whether you have any default route
using your vpn interface was added or no.
Check to make sure that "Use default gateway on remote network" check box at
properties of vpn client interface --> networking tab -
Click to expand...
->
tcp ip -->
properties button --> advanced button --> general tab.
If this check-box is cheked then a default route is added,with vpn server as
default gateway, whenever vpn connection is made.
2) Do tracert -d <internal machine> to see what path is taken packets and
confirm that they are going via vpn server.
3) Is access to internal machines by ip address (ie net use <interna machine
ip>) also failing. If ping works then access by ip- address should also work.
4) For name resolution to happen properly see if you
Click to expand...
are
getting proper dns
server (by ipconfig /all for vpn client interface).

Hope it helps
-Pawan
Click to expand...
---
---------------
"This posting is provided "AS IS" with no warranties,
Click to expand...
and
confers no
rights."
-------------------------------------------------------
Click to expand...
---
--------------
I've recently set up a VPN that uses dhcp on an RRAS
server on our network to give out ip addresses. Remote
clients can connect to the internal network but
Click to expand...
cannot
map
to any network resources. The remote clients can ping
internal machines by IP address but not by name.

The ip address assigned to the client is within the
defined scope but the subnet mask is showing as
255.255.255.255 and the gateway shows as the ip address
that was assigned by the DHCP server.

I'm guessing I have a name resolution issue but what else?
How can I correct the subnet mask and provide network
browsing for VPN clients?

Thanks in advance!


.
Click to expand...
Click to expand...


.
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

VPN connects, Unable to ping anything but the VPN server 7
VPN and .192 subnet mask 2
Subnet Mask problem? 3
2K RRAS not routing for vpn clients 3
Internal adaptor IP address 1
WK2 VPN: temporary 169.254.x.x IP address being assigned. 2
PPP RAS Adapter 2
RRAS as VPN Server Configuration Questions... 8

Top