desperate - unable to browse Internet while dialing to RAS/VPN

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi everyone,

I set up a windows 2003 server as VPN and RAS. I created two policies one
for each that would allow client to authenticate through AD groups.
I have two NICs (LAN and OUT) and a modem. I configured only OUT with its
gateway address and left blank the gateway for LAN. At this point windows was
having a hard time routing at all.
So i added the following persistent routes:
Network Address Netmask Gateway Address Metric
10.0.0.0 255.0.0.0 10.1.52.1 1
0.0.0.0 0.0.0.0 66.195.8.1 10
This allowed windows to route and allows VPN and Dial up users to connect.
While connected through dialing, I am able to browse the intranet but I
cannot browse Internet. And I need that Dial up user to be able to browse
both.
Once I play around with the routes, I might find some combination that
allows dial up users to browse intranet and internet but this causes VPN
users to not be able to connect at all.

I am desperate. Please, give me some directions what to do, because I have
no idea. I knew that routing in Windows is difficult but I couldn't imagine
to be so difficult.

I appreciate any directions.

Thank you
 
Gentian said:
Hi everyone,

I set up a windows 2003 server as VPN and RAS. I created two policies one
for each that would allow client to authenticate through AD groups.
I have two NICs (LAN and OUT) and a modem. I configured only OUT with its
gateway address and left blank the gateway for LAN. At this point windows was
having a hard time routing at all.
So i added the following persistent routes:
Network Address Netmask Gateway Address Metric
10.0.0.0 255.0.0.0 10.1.52.1 1
0.0.0.0 0.0.0.0 66.195.8.1 10
This allowed windows to route and allows VPN and Dial up users to connect.
While connected through dialing, I am able to browse the intranet but I
cannot browse Internet. And I need that Dial up user to be able to browse
both.
Once I play around with the routes, I might find some combination that
allows dial up users to browse intranet and internet but this causes VPN
users to not be able to connect at all.

I am desperate. Please, give me some directions what to do, because I have
no idea. I knew that routing in Windows is difficult but I couldn't imagine
to be so difficult.

I appreciate any directions.

Thank you
Click to expand...

Goto the properties of the VPN connection -> goto the networking tab->
to the tcp/ip properties -> click the advanced tab -> uncheck use
default gateway on remote network. Reconnect. This is on win2K and XP
clients.

hth
Chad
 
I am not having trouble with VPN connections. I do not need VPN clients to
connect to Internet. I need dial up clients who have no other connection to
internet, to be able to browse internet.

Thanks however
 
Gentian said:
I am not having trouble with VPN connections. I do not need VPN clients to
connect to Internet. I need dial up clients who have no other connection to
internet, to be able to browse internet.

Thanks however

:
Click to expand...
Ah I see my bad...


So what happens when you run a tracert to a web site when a vpn user
connects? From that you should be able to find the last hop that fails.
Also you will find out whether or not you get DNS resolution. So tracert
www.zdnet.com if that fails try tracert 216.239.115.149 which is
zdnet.com's ip...


hth

Chad
 
many possibilities. 1. use pathping to check where the traffic to go.
2. have you setup NAT?
3. by default, the VPN may enable filtering.

--
For more and other information, go to http://www.ChicagoTech.net

Don't send e-mail or reply to me except you need consulting services.
Posting on MS newsgroup will benefit all readers and you may get more help.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on
http://www.ChicagoTech.net
Networking Solutions, http://www.chicagotech.net/networksolutions.htm
VPN Solutions, http://www.chicagotech.net/vpnsolutions.htm
VPN Process and Error Analysis, http://www.chicagotech.net/VPN process.htm
VPN Troubleshooting, http://www.chicagotech.net/vpn.htm
This posting is provided "AS IS" with no warranties.
 
How do your LAN clients get to the Internet? Do they use NAT on the RRAS
server?

If that is the case, you need to add the internal interface (to which
the remotes connect) as a private interface to NAT. You can do this from the
NAT section of the RRAS console. Then the remotes can also use NAT on the
server to get to the Internet.
 
Back
Top