Windows 2003 Server, PPTP, Additional Networks

Hello all,

I installed a new machine to replace our old VPN server, but can't get
routes working correctly. The VPN server is behind a firewall, with 1:1 NAT.
The server sits on a private range of 10.10.2.0/24. Clients can connect to
the server and access any machines that are also on the 10.10.2.0 subnet.
There are 2 other offices connected via frame relay 10.10.3.0/24 and
10.10.4.0/24. Clients can not currently connect to any of the other subnets.
This all was working on our previous Windows 2000 Server running RRAS. I
can't for the life of me remember the magic to get the other subnets visable
to the clients.I vaguely remember adding persistent routes on the server,
but I tried doing route add -p 10.10.3.0 mask 255.255.255.0 10.10.2.2 on the
server, but there was no change in the client (even after rebooting the
server and reconnecting the client). BTW, I use 10.10.1.0 for the frame
relay side of the routers connecting each site. I have also added the
persistent route for 10.10.1.0 to no avail.

Something I thought was very odd.... on the client, if I do a ping -t
10.10.1.1 (the frame relay side of the 10.10.2.2 router) I get, as expected,
a timeout. Then I connect the PPTP session, and for 4-5 replies, I get
replies from 10.10.1.1, then it goes back to timeout. so during the
establishing connection phase, traffic gets routed through as I'd like but
then gets killed once the connection is finished setting up. bizarre.

Thanks for any help you can provide. The old server is having hardware
problems, so I need to retire is ASAP, but need to resolve these routing
problems first!

Aaron

If the remotes are getting 10.10.2.x addresses it should just work. The
VPN server should act as a proxy for the remotes. If the server can see the
other subnets, the remote clients should as well.

If you can't get it to work, put the remotes in their own 10.10.n
subnet. Then enable IP routing on the VPN server and add a static route to
the frame relay router to forward traffic for 10.10.n.0 to the VPN server.

Aaron Everett wrote:
> Hello all,
>
> I installed a new machine to replace our old VPN server, but can't get
> routes working correctly. The VPN server is behind a firewall, with
> 1:1 NAT. The server sits on a private range of 10.10.2.0/24. Clients
> can connect to the server and access any machines that are also on
> the 10.10.2.0 subnet. There are 2 other offices connected via frame
> relay 10.10.3.0/24 and 10.10.4.0/24. Clients can not currently connect to
> any of the other
> subnets. This all was working on our previous Windows 2000 Server
> running RRAS. I can't for the life of me remember the magic to get
> the other subnets visable to the clients.I vaguely remember adding
> persistent routes on the server, but I tried doing route add -p
> 10.10.3.0 mask 255.255.255.0 10.10.2.2 on the server, but there was
> no change in the client (even after rebooting the server and
> reconnecting the client). BTW, I use 10.10.1.0 for the frame relay
> side of the routers connecting each site. I have also added the
> persistent route for 10.10.1.0 to no avail.
> Something I thought was very odd.... on the client, if I do a ping
> -t 10.10.1.1 (the frame relay side of the 10.10.2.2 router) I get, as
> expected, a timeout. Then I connect the PPTP session, and for 4-5
> replies, I get replies from 10.10.1.1, then it goes back to timeout.
> so during the establishing connection phase, traffic gets routed
> through as I'd like but then gets killed once the connection is
> finished setting up. bizarre.
> Thanks for any help you can provide. The old server is having hardware
> problems, so I need to retire is ASAP, but need to resolve these
> routing problems first!
>
> Aaron