Dialin RAS connection cannot reach Internet

  • Thread starter Thread starter Kevin Shoemaker
  • Start date Start date
K

Kevin Shoemaker

I've got a network configured as shown below. The broadband router has
most of the "network" responsibilities like NAT and DHCP. Win2KSrv has
2 NICs and a modem. 1 NIC is disabled and the other has a static IP
address on the 192.168.* network.

I've configured Routing and Remote Access on Win2KSrv to accept
incoming connections on the modem and relay the DHCP requests to the
router. This works, and XPClient4 gets an IP address from the DHCP
server and can access resources on the private network. However,
XPClient4 can't reach the Internet in this scenario.

Is this possible, and if so, what I need to configure to enable it? Do
I need to move NAT/DHCP onto Win2KSrv? Enable the second NIC? Add
another network address? Whatever?


Internet
|
|
|
Broadband Router
(192.168.2.1, DHCP, NAT)
|
|
|
-----------192.168.2.*-Network----------
| | | |
| | | |
Win2KSrv XPClient1 XPClient2 XPClient3
|
|
Modem
Incoming
RRAS
|
|
XPClient4
 
quoted from http://www.ChicagoTech.net

Can't access the Internet while using VPN

Symptom: after establishing a VPN connection, you may not be able to access
the Internet because the VPN takes over your existing connection and all
traffic to use the VPN default gateway on the remote network. The remote
network may not allow VPN clients to access the Internet via their gateway.

Resolutions:
1) If you don't need to access the entire VPN resources, disable the "use
default gateway on remote network" option in the properties of the VPN
connection. To do that, go to VPN
Connection->Properties->Network->TCP/IP->Properties->Advanced-, uncheck
"Use default gateway on Remote Network".
2) Edit route table manually if you know how to or check routing page on
this web site.
3) For the security reason, some firewall/routers like Cisco PIX do not
allow access the Internet after establishing the VPN and you cannot modify
the routing table. You may setup split-tunnel.


Robert Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on
http://www.ChicagoTech.net
This posting is provided "AS IS" with no warranties.
 
It could be a routing problem. With the "on subnet" addresses for the
remote, the remote contacts the LAN machines by proxy (the RRAS server does
proxy ARP for the remote). This sometimes fails for an Internet connection
via another router. If you can't get it working, try using a static pool of
addresses in another subnet for the remotes, and route that subnet via the
RRAS server.

Apart from routing, how is DNS handled? Does the remote client receive
the address of a DNS server which can resolve Internet names?
 
Back
Top