additional routes for pptp vpn

Discussion in 'Windows Networking' started by Domenic DeFrancesco, Dec 22, 2005.

  1. We have a Windows 2003 setup as a PPTP server. Windows XP clients have
    no problem connecting to the PPTP server and accessing the local ip
    network of the Windows 2003 server. The PPTP clinet in Windows XP
    automatically adds a route for a class C network to the pptp interface.

    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    192.168.1.0 255.255.255.0 192.168.1.23 192.168.1.23 1
    192.168.1.23 255.255.255.255 127.0.0.1 127.0.0.1
    50
    192.168.1.255 255.255.255.255 192.168.1.23 192.168.1.23
    50

    I also want the 192.168.2.0/24 network to be routed to the pptp
    interface, so I enter "route add 192.168.2.0 mask 255.255.255.0
    192.168.1.23. This works well. However, a typical end user finds this
    very difficult to do. They must first establish the vpn, open a dos
    window, do an ipconfig to find the ip adress of the pptp interface, (as
    it will change), and then add the route command using the ip address of
    the pptp interface. To complicated for most.

    Is there a way to configure the Windows 2003 PPTP server to force the
    Windows XP client to add this route?

    If not, is there a way to configure the Windows 2003 PPTP server to
    force the Windows XP clinet to use a different netmask. In the case
    above, 192.168.0.0 netmask 255.255.252.0 to gateway 192.168.1.23 would
    do what I'm looking for.

    I've found very little about this on the net, and get the impression
    that the Windows PPTP client obtains the netmask from the IP address the
    PPTP server issues. For example, anything in the 192.168.x.x range is
    given a net mask of 255.255.255.0. Anything in the 10.x.x.x range is
    given a netmask of 255.0.0.0. And there's nothing I can do about it.
    Please tell me I'm wrong.

    Now, if that is the case, I was thinking of changing the 192.168.1.0/24
    network, (which has the Win2K PPTP server) to 192.168.1.0/25, and
    changing the 192.168.2.0/24 network to 192.168.1.128/25. Under this
    configuration, if the PPTP client still uses a netmask of 255.255.255.0,
    everything should work OK. Not a nice solution, and not scalable. I'd
    be in trouble if I need more nets, or larger nets.

    Oh, and yes, I could set the use default gateway on remote network, but
    then all internet traffic is sent down the pptp tunnel.

    Domenic
     
    Domenic DeFrancesco, Dec 22, 2005
    #1
    1. Advertisements

  2. I don't believe there is.

    You could always write a script that initiates the conenction, finds the
    address, then applies the route. Have the user execute the script to
    connect.

    Oliver
     
    Oliver O'Boyle, Dec 22, 2005
    #2
    1. Advertisements

  3. Thanks Oliver. However, I'm not good at righting scripts. How would I
    parse out the ip address of the pptp connection? Any pointers.
     
    Domenic DeFrancesco, Dec 22, 2005
    #3
  4. Thanks Oliver. However, I'm not good at righting scripts. How would I
    use the "find" command. type "find /?" for the parameters it's looking for.

    you can also use the pipe symbol "|" to push the output of the "route print"
    or "ipconfig" commands through "find", which will search the output for the
    "string" you specified on the "find" command.

    the "string" would be the IP address or the dynamic interface created when
    the VPN is initiated.

    once you can isolate the either the interface, or the IP address, your
    script can use that to "echo route add 192.168.2.0 mask 255.255.255.0 if
    0x<interface>" or the command you provided below.

    You'll just have to play around with it.

    Good luck :)
    Oliver
     
    Oliver O'Boyle, Dec 22, 2005
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.