Required PPTP breaks domain printers

  • Thread starter Thread starter Bill Hobson
  • Start date Start date
B

Bill Hobson

I have a small group of clients who connect to another domain via a PPTP
connection and Terminal Services, that I have no control over. They are
required to use the PPTP VPN connection before they can make the terminal
services connection. I have no control over these restrictions.

The PPTP connection breaks connection to their printers on my print server,
so the remote administrators added these same printers to their print server
so they can print from terminal services. The terminal services connection
does not allow the clients to use the internet - period. So these clients
use the internet from their desktops instead - the gotcha comes in when they
try to print, which is blocked as long as they are running PPTP, which means
they have to logoff of terminal services and kill their PPTP connection
every time they want to print something from the internet, like Mapquest
maps, for instance. There folks travel quite a bit, so this is a major
hassle to do this several times a day.

I found I could manually add the printers to the other domain's print
server, but the connection is lost every time they reboot. None of the
utilities I have tried will make the connection the the foreign print
server.

I have used con2prt.exe and Prnmngr.vbs and they both error without
connecting.

Anyone have a suggestion to get around this draconian security arrangement?
 
The PPTP connection is probably set to use the default gateway on the remote
network. When this is set (and it is the default setting for new
connections), your client's PCs will look for everything either on the
remote domain or through this domain's default gateway. Try disabling this
setting; the result should be that anything required from Terminal Services
will be routed through the PPTP connection, while everything else will be
sought on your local network (printers) or through the default gateway on
your local network (the Internet). Right click the PPTP connection, select
"Properties", go to the "Networking" tab, click "Internet Protocol", click
the "Properties" button, click the "Advanced" button, and UNcheck the "Use
default gateway on remote network" checkbox.

Hal
--
Hal Hostetler, CPBE -- (e-mail address removed)
Senior Engineer/MIS -- MS MVP-Print/Imaging -- WA7BGX
http://www.kvoa.com -- "When News breaks, we fix it!"
KVOA Television, Tucson, AZ. NBC Channel 4
Still Cadillacin' - www.badnewsbluesband.com
 
I'm a little surprised at that. The other thing your might try is to add a
static route to the terminal server. I'd be interested to see what your
machine's routing table shows with the VPN tunnel active, but set to use the
local default gateway.

Hal
--
Hal Hostetler, CPBE -- (e-mail address removed)
Senior Engineer/MIS -- MS MVP- Print /Imaging -- WA7BGX
http://www.kvoa.com -- "When News breaks, we fix it!"
KVOA Television, Tucson, AZ. NBC Channel 4
Still Cadillacin' - www.badnewsbluesband.com
 
I am going to try to get an account so I can test from my workstation. it is
a real pain to try and catch someone in and then take away their computer
for testing.I will do some before and after looks at the routing tables to
see what is going on.

I do think you are on to a path to the solution - it is just going to take
more testing and configuring to get there!
 
Back
Top