VPN and LAN gateway casuing problem to get to internet

03-17-2006, 09:07 AM

Hi,

I just finished setting up the vpn on a windows 2003 DC server. Currently, i
have gateway problem that i canot understand.

Before I setup the VPN i used only one network card which is connected to
the linksys router with following IP address found below.

Linksys WAN =
66.201.208.68/IP
255.255.255.192/SM
66.201.208.65/GW
10.1.1.1/DNS

NIC1-LAN =
192.168.1.10/IP
255.255.255.0/SM
192.168.1.1 /GW
192.168.1.10/DNS

The DC is setup with DHCP and all local clients connect and share files
without any problem.

To Install the VPN, I added a second NIC2 card and assigned NIC2 as a VPN
connection. In NIC2 i connected directly to the WAN connection with a static
IP address found below.

At this point the VPN connection does not connect from outside to NIC2. But
LAN network works fine without a problem.
NIC NIC1(LAN) NIC2(VPN)
IP 192.168.1.10 66.201.208.70
SM 255.255.255.0 255.255.255.128
GW 192.168.1.1 65.201.208.65
DNS 192.168.1.10 10.1.1.1

To make the VPN work, I removed the gateway on NIC1. The VPN to NIC2 works
from outside. Remote users can login and able to access the network.
BUT,,,No Internet access for LAN users.
IP 192.168.1.10 66.201.208.70
SM 255.255.255.0 255.255.255.128
GW ---.---.--.--- 65.201.208.65
DNS 192.168.1.10 10.1.1.1

So i changed the gateway by adding the local gateway and removed the Wan
gateway.
IP 192.168.1.10 66.201.208.70
SM 255.255.255.0 255.255.255.128
GW 192.168.1.1 --.--.--.--
DNS 192.168.1.10 10.1.1.1

Now the Local users can access the internet, but VPN access is not working.
Could you assist what i need to do? Thank you.

03-17-2006, 04:51 PM

We have some issues here. first of all, it is not recommended to install VPN on a DC. If you do, you may have a connectivity and/or name resolution issue. The fix can be found the below link. Also, you should use just one default gateway which is outside NIC IP (in your case is 2nd configuration).

Name resulotion on VPN Connection issues on DC, ISA, DNS and WINS server as VPN server How to assign DNS and WINS on VPN client manually Name resolution Issue in a VPN client ...
www.chicagotech.net/nameresolutionpnvpn.htm

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
<(E-Mail Removed)> wrote in message news:0285A019-EC52-4F57-9DC9-(E-Mail Removed)...
Hi,

I just finished setting up the vpn on a windows 2003 DC server. Currently, i
have gateway problem that i canot understand.

Before I setup the VPN i used only one network card which is connected to
the linksys router with following IP address found below.

Linksys WAN =
66.201.208.68/IP
255.255.255.192/SM
66.201.208.65/GW
10.1.1.1/DNS

NIC1-LAN =
192.168.1.10/IP
255.255.255.0/SM
192.168.1.1 /GW
192.168.1.10/DNS

The DC is setup with DHCP and all local clients connect and share files
without any problem.

To Install the VPN, I added a second NIC2 card and assigned NIC2 as a VPN
connection. In NIC2 i connected directly to the WAN connection with a static
IP address found below.

At this point the VPN connection does not connect from outside to NIC2. But
LAN network works fine without a problem.
NIC NIC1(LAN) NIC2(VPN)
IP 192.168.1.10 66.201.208.70
SM 255.255.255.0 255.255.255.128
GW 192.168.1.1 65.201.208.65
DNS 192.168.1.10 10.1.1.1

To make the VPN work, I removed the gateway on NIC1. The VPN to NIC2 works
from outside. Remote users can login and able to access the network.
BUT,,,No Internet access for LAN users.
IP 192.168.1.10 66.201.208.70
SM 255.255.255.0 255.255.255.128
GW ---.---.--.--- 65.201.208.65
DNS 192.168.1.10 10.1.1.1

So i changed the gateway by adding the local gateway and removed the Wan
gateway.
IP 192.168.1.10 66.201.208.70
SM 255.255.255.0 255.255.255.128
GW 192.168.1.1 --.--.--.--
DNS 192.168.1.10 10.1.1.1

Now the Local users can access the internet, but VPN access is not working.
Could you assist what i need to do? Thank you.

03-18-2006, 11:11 PM

Hi, Thanks for the reply. The connectivity from outside works perfect when i
assign the gateway on the WAN NIC2 card and remove the LAN Gateway. The
problem i have is that, the local PC looses the connection to the Internet
when this is done. If I change the Gateway back to Lan and remove from the
Wan, the local PCs can access the internet, but the VPN connection will not
work.

NIC1 LAN NIC2 WAN Result
Gateway No Gateway No VPN connection from
outside, but
internet
works for local LAN users

No gateway Gateway VPN works from outside,
but LAN
users
cannot access internet.

Any ideal???
--
Thomas Lee

"Robert L [MS-MVP]" wrote:

> We have some issues here. first of all, it is not recommended to install VPN on a DC. If you do, you may have a connectivity and/or name resolution issue. The fix can be found the below link. Also, you should use just one default gateway which is outside NIC IP (in your case is 2nd configuration).
>
> Name resulotion on VPN Connection issues on DC, ISA, DNS and WINS server as VPN server How to assign DNS and WINS on VPN client manually Name resolution Issue in a VPN client ...
> www.chicagotech.net/nameresolutionpnvpn.htm
>
>
>
> Bob Lin, MS-MVP, MCSE & CNE
> Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
> How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
> <(E-Mail Removed)> wrote in message news:0285A019-EC52-4F57-9DC9-(E-Mail Removed)...
> Hi,
>
> I just finished setting up the vpn on a windows 2003 DC server. Currently, i
> have gateway problem that i canot understand.
>
> Before I setup the VPN i used only one network card which is connected to
> the linksys router with following IP address found below.
>
> Linksys WAN =
> 66.201.208.68/IP
> 255.255.255.192/SM
> 66.201.208.65/GW
> 10.1.1.1/DNS
>
> NIC1-LAN =
> 192.168.1.10/IP
> 255.255.255.0/SM
> 192.168.1.1 /GW
> 192.168.1.10/DNS
>
> The DC is setup with DHCP and all local clients connect and share files
> without any problem.
>
> To Install the VPN, I added a second NIC2 card and assigned NIC2 as a VPN
> connection. In NIC2 i connected directly to the WAN connection with a static
> IP address found below.
>
> At this point the VPN connection does not connect from outside to NIC2. But
> LAN network works fine without a problem.
> NIC NIC1(LAN) NIC2(VPN)
> IP 192.168.1.10 66.201.208.70
> SM 255.255.255.0 255.255.255.128
> GW 192.168.1.1 65.201.208.65
> DNS 192.168.1.10 10.1.1.1
>
> To make the VPN work, I removed the gateway on NIC1. The VPN to NIC2 works
> from outside. Remote users can login and able to access the network.
> BUT,,,No Internet access for LAN users.
> IP 192.168.1.10 66.201.208.70
> SM 255.255.255.0 255.255.255.128
> GW ---.---.--.--- 65.201.208.65
> DNS 192.168.1.10 10.1.1.1
>
> So i changed the gateway by adding the local gateway and removed the Wan
> gateway.
> IP 192.168.1.10 66.201.208.70
> SM 255.255.255.0 255.255.255.128
> GW 192.168.1.1 --.--.--.--
> DNS 192.168.1.10 10.1.1.1
>
> Now the Local users can access the internet, but VPN access is not working.
> Could you assist what i need to do? Thank you

03-20-2006, 04:09 PM

GW on LAN must be same as VPN.

NIC NIC1(LAN) NIC2(VPN)
IP 192.168.1.10 66.201.208.70
SM 255.255.255.0 255.255.255.128
GW 65.201.208.65 65.201.208.65
DNS 192.168.1.10 10.1.1.1

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Internet Gateway	Installer	Wireless Networks	2	02-09-2006 04:10 AM
Internet gateway	eeh	Linux Networking	32	11-17-2005 08:53 PM
Internet Gateway device created in Network Connections when I removed Internet Connection Sharing	Martin Underwood	Home Networking	2	04-07-2005 12:56 PM
Gateway can't get to Internet	Monty Wiseman	Linux Networking	3	08-19-2003 09:58 AM
W98 and Internet Gateway uninstall problem	Barb	Windows Networking	2	07-24-2003 12:11 AM