Another RRAS IP address question

  • Thread starter Thread starter Gary Hunter
  • Start date Start date
G

Gary Hunter

1. We use an isolated Win2k server outside our firewall.
Users are able VPN via PPTP to connect to this and
provided they tick "use default gateway on remote network"
they can be passed through the firewall successfully and
operate as required.
2. The difficulty is that I want to be able to use a split
tunnel so I want to operate with use "default gateway
unticked"
3.I can establish a static route at the client end and
operate but as IP addresses are dynamically assigned, I
need to 1st due an ipconfig to determine my own
dynamically assigned ip and then use that IP as the
gateway address in the route command.
4. Getting RAS to assign a static IP is not an option as I
don't want to put the server irrevocably in to Native mode.

Scripting to determine the IP addres and establish the
route is, I suppose, an option but my scripting kills are
very limited and perhaps I am missing an obvious solution.
 
As I understand by your statement, You want to open a split tunnel. Is that
all you want?
Then You can untick the "Use default gateway" option on the connectoid

Goto Network folder-> Properties of your Connectoid->Networking-> TCP/IP
tab->Advance-> untick the default gateway option.

Let me know if you are trying to do something else.
 
Obviously, I did not make my self clear
1. I do know how to create a split tunnel and have done
so.
2. Because the VPN is being terminated on a Server
Outside the firewall and I need to contact a server on
another sub net located inside the firewall and the
default gateway on remote network is not being used I
need routing to cause the traffic to go thru the tunnel
and to the internal server.
3. I can establish a static route at the remote
workstation which effects the requirement in statement 2
above and this works.
4. The problem is that as RAS normally assigns remote
workstations a dynamic IP and as the command to establish
a static route requires supplying the gateway address
which in this case is the dynamiccally assigned IP of the
workstation on the VPN interface, I believe I need to

aaa. Do an IPCONFIG on the remote workstation and
determine its VPN IP address and THEN

bbb. Type ROUTE (server IP Address) MASK (mask)
(dynamically assigned IP address)

I am looking for a way to automate this process or for a
better way to establish the end goal of connecting to the
remote server via the split tunnel.
 
Back
Top