|
|
|||
Home | Troubleshooting | Quick Setup | Cisco How to | Data Recovery | Forums | Blog | IT Exam Practice | Services | About Us | Chicagotech MVP | Search | Contact Us | |
|
Routing Issues on VPN
Can ping VPN
server only but not other resources Post your questions, comments, feedbacks and suggestions Can ping VPN server only but not other resources Symptom: after establishing VPN, you can ping and access the VPN server, but not other servers and the network resources. Cause: 1. incorrect NAT/Firewall settings. Can't access the internal server when remote client establishes VPN Symptoms: Two offices are connected using a vpn. Both offices run W2K servers, RAS & TS. When office A connects to Office B you can not connect to office A from anywhere except from office B. You can not connect using TS, or a vpn connection. In order to gain access to office A, you have to connect to office B, disconnect the client in RAS, then you can connect to office A. Resolution: When establishing VPN to the office A, the routing table changes. To fix this issue, disable the "Use default gateway" on the Office A VPN server. Or modify the routing table manually. Can't access the Internet while using VPN Symptom: after establishing a VPN connection, you may not be able to access the Internet because the VPN takes over your existing connection and all traffic to use the VPN default gateway on the remote network. The remote network may not allow VPN clients to access the Internet via their gateway.
Resolutions: Can't access the remote network after unchecking "Use default gateway on Remote Network" Symptom: After following above instruction and uncheck "Use default gateway on Remote Network" on VPN connection, you can't access to the remote network any more. For example, your LAN network is 192.0.0.0 and default gateway is 192.0.0.1; the VPN is 192.0.1.0 and gateway 192.0.1.1.that is connecting to the remote network 10.0.0.0. After establishing the VPN connection and unchecking "Use default gateway on Remote Network", your computer use 192.0.0.1 as gateway instead of 192.0.1.1 and can't find a way to 10.0.0.0 network. Resolution: you need modify the route table manually or refer to our Routing page on this web. Or check "Use default gateway on Remote Network" on VPN connection. Can't access the remote network from VPN clients Symptoms: Your VPN client can ping/access the server but not other computers in the remote network. Resolutions: 1) if you have two
NICs in the VPN server, you may need to enable IP Routing. To do this, go to
the RRAS>the Properties of the server>IP, check IP Routing. Can my VPN server as a VPN server and also act as a router SYMPTOMS: If you enable VPN on a server, the RRAS will accept incoming VPN connections only and secures the RRAS by enabling filters that only accept PPTP or L2TP traffic. Then network traffic over the VPN connections and the internal LAN connection are normal but the RRAS will not forward packets over the interface except PPTP or L2TP traffic.RESOLUTION: If you want your server to be a VPN server and also act as a router, you should select Manually configured server from above options and configure the RRAS as a router.Connectivity issue after enabling VPN in multihomed server Symptoms: after you enable VPN on a server as a router or with two or more NICs, you may experience some issues. 1) the internal computers can't access the Internet; 2) outside VPN clients can't access the VPN server; 3) can't access the server using TS and VNC form the internal or outside. Causes: for the security reason, the RRAS modify the routing table and enable incoming VPN connections only so that no other forward packets over the interface except PPTP or L2TP traffic. For consultants, refer to case 090804RL. TTL expired in transit and Destination host unreachable Symptoms: After enabling VPN on a Windows
2000 server you may have these issues: 1. From the server, you receive
"Destination host unreachable" when ping outside IP. Cause: Outside NIC Filter is enabled.
|
|
|
This web is provided "AS IS" with no warranties.
Copyright © 2002-2018
ChicagoTech.net,
All rights reserved. Unauthorized reproduction forbidden.