I can't think of any way that you can get this to work with a static pool
of addressses which don't match the LAN IPs. If you read KB 254231 you will
see that the subnet route matches the "received" IP. That means that the
subnet route will be for 192.168.251.0/24 , not 192.168.0.0/24 . So no
traffic for 192.168.0.0 IPs will go across the VPNlink if you clear the "use
default gateway.." switch.
It should work if you use a static pool of addresses from 192.168.0.0
(say 192.168.0.240 to 192.168.0.249) and reserve those IPs in your DHCP
scope.
There is really no way to assign a default gateway or a static route
manually. What would you specify as the IP address of the interface? The
interface doesn't exist until the connection is made.
"Gilbert" <(E-Mail Removed)> wrote in message
news:33565805-DFDC-4A50-9DFE-(E-Mail Removed)...
> Yes, IP routing is enabled. There's no routes specified in the Static
> Routes
> section. I've tried to add a static route 0.0.0.0 0.0.0.0 to point to the
> default gateway on the LAN (192.168.0.254). I was thinking that the VPN
> clients should see that default route in there and route everything to
> that
> ip. It didn't seem to work.
>
> The VPN server's local lan ips are 192.168.0.0-254 (Class C). The pool
> for
> VPN clients is 192.168.251.0-254 (class C).
>
>
> "Bill Grant" wrote:
>
>> No, you cannot specify a default gateway in that case. If you clear
>> the
>> "use default gateway..." switch, the default gateway remains the same as
>> it
>> was before, so that you can still access the Internet. Instead you get a
>> subnet route to the remote site. Is IP routing enabled on the VPN server
>> so
>> that it can route between the LAN subnet and your address pool subnet?
>>
>> "Gilbert" <(E-Mail Removed)> wrote in message
>> news:9511098F-5308-46CC-9F9A-(E-Mail Removed)...
>> >I tried that but as soon as I do that, I can't connect to any resources
>> >on
>> > the remote network.
>> >
>> > I have a static address pool setup but I didn't see any spot in there
>> > where
>> > I can specify a default gateway or dns info. (I can only input an
>> > address
>> > range)
>> >
>> > "Bill Grant" wrote:
>> >
>> >> By default a client will have its default gateway set to the VPN
>> >> tunnel,so all non-local traffic goes over the VPN link.. To keep your
>> >> existing gateway you clear the "use default gateway on remote network"
>> >> in
>> >> the client's connection properties. The client then only gets a subnet
>> >> route
>> >> through the tunnel. See KB 254231 for more details.
>> >>
>> >> "Gilbert" <(E-Mail Removed)> wrote in message
>> >> news:A70A6A32-1E19-4C80-9D1C-(E-Mail Removed)...
>> >> > I'm running a Windows 2003 Small Business Server and I setup remote
>> >> > access
>> >> > on
>> >> > it. I'm using PPTP. I've opened up port 1723 and GRE Protocol 47
>> >> > to
>> >> > be
>> >> > forwarded to the server thru the router/firewall. I can connect to
>> >> > the
>> >> > server remotely and access internal resources. However, I can't
>> >> > Internet
>> >> > when I'm VPNed in.
>> >> >
>> >> > 1. Is there a way to enable split (sometimes called full) tunnel so
>> >> > that
>> >> > I
>> >> > can access the Internet while I'm VPNed in?
>> >> >
>> >> > 2. Are users restricted to only 1 session? What I mean by that is
>> >> > can
>> >> > I
>> >> > just create a user called Remote or whatever and then have multiple
>> >> > users
>> >> > use
>> >> > that same account?
>> >>
>> >>
>> >>
>>
>>
>>
|
Similar Threads
Linear Mode
