VPN networking problem

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have been having a recent problem with my remote users connecting via VPN.
I have a W2K server with a single NIC which accepts VPN connections through a
firewall. There is a static address pool from which incoming users receive an
IP address. Users can connect via VPN, can connect to a Unix box using a
secure telnet client, but cannot connect to Exchange using the Outlook client
(i'm pretty sure Outlook is configured correctly, as the laptop can connect
with no problem when logged onto the network locally). IPCONFIG from the RRAS
server:
Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel 8255x-based PCI Ethernet
Adapt
er (10/100)
Physical Address. . . . . . . . . : 00-B0-D0-68-D3-32
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.10.5
DNS Servers . . . . . . . . . . . : 10.10.10.1
Primary WINS Server . . . . . . . : 10.10.10.1

PPP adapter RAS Server (Dial In) Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.81
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 127.0.0.1

IPCONFIG from a client which cannot connect to Exchange:
Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : dhhmbv01
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.md.comcast.net.
domain.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.md.comcast.net.
Description . . . . . . . . . . . : 3Com 3C920 Integrated Fast
Ethernet
Controller (3C905C-TX Compatible)
Physical Address. . . . . . . . . : 00-06-5B-48-E8-61
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 69.140.91.227
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 69.140.91.1
DHCP Server . . . . . . . . . . . : 68.87.73.12
DNS Servers . . . . . . . . . . . : 68.87.73.242
68.87.71.226
Lease Obtained. . . . . . . . . . : Friday, December 02, 2005
1:13:56 PM

Lease Expires . . . . . . . . . . : Tuesday, December 06, 2005
1:13:56 P
M

PPP adapter domain:

Connection-specific DNS Suffix . : domain.com
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.82
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.10.10.1

As you can see, on the RAS server, the subnet mask on the PPP adapter is
different than the subnet mask on the ethernet adapter (which is the correct
subnet mask for the network). Also there is no default gateway assigned to
the PPP adapter.The client seems to be picking up IP settings from the PPP
adapter, and I believe this could be the root of my problem. Two questions:
1) Could this be the cause of the inability to connect to Exchange, while
still allowing a telnet connection to another server?
2) If so, where can I adjust the settings for the PPP adapter to add the
correct subnet mask and default gateway? I have looked in the network
properties and the RRAS properties but cannot seem to find it.
Thanks in advance for any help you can offer.
 
Since you can access the Unix, it may be the name resolution issue. Can you ping the exchange server by IP? if yes, can you ping it by name?

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com

I have been having a recent problem with my remote users connecting via VPN.
I have a W2K server with a single NIC which accepts VPN connections through a
firewall. There is a static address pool from which incoming users receive an
IP address. Users can connect via VPN, can connect to a Unix box using a
secure telnet client, but cannot connect to Exchange using the Outlook client
(i'm pretty sure Outlook is configured correctly, as the laptop can connect
with no problem when logged onto the network locally). IPCONFIG from the RRAS
server:
Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel 8255x-based PCI Ethernet
Adapt
er (10/100)
Physical Address. . . . . . . . . : 00-B0-D0-68-D3-32
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.10.5
DNS Servers . . . . . . . . . . . : 10.10.10.1
Primary WINS Server . . . . . . . : 10.10.10.1

PPP adapter RAS Server (Dial In) Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.81
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 127.0.0.1

IPCONFIG from a client which cannot connect to Exchange:
Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : dhhmbv01
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.md.comcast.net.
domain.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.md.comcast.net.
Description . . . . . . . . . . . : 3Com 3C920 Integrated Fast
Ethernet
Controller (3C905C-TX Compatible)
Physical Address. . . . . . . . . : 00-06-5B-48-E8-61
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 69.140.91.227
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 69.140.91.1
DHCP Server . . . . . . . . . . . : 68.87.73.12
DNS Servers . . . . . . . . . . . : 68.87.73.242
68.87.71.226
Lease Obtained. . . . . . . . . . : Friday, December 02, 2005
1:13:56 PM

Lease Expires . . . . . . . . . . : Tuesday, December 06, 2005
1:13:56 P
M

PPP adapter domain:

Connection-specific DNS Suffix . : domain.com
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.82
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.10.10.1

As you can see, on the RAS server, the subnet mask on the PPP adapter is
different than the subnet mask on the ethernet adapter (which is the correct
subnet mask for the network). Also there is no default gateway assigned to
the PPP adapter.The client seems to be picking up IP settings from the PPP
adapter, and I believe this could be the root of my problem. Two questions:
1) Could this be the cause of the inability to connect to Exchange, while
still allowing a telnet connection to another server?
2) If so, where can I adjust the settings for the PPP adapter to add the
correct subnet mask and default gateway? I have looked in the network
properties and the RRAS properties but cannot seem to find it.
Thanks in advance for any help you can offer.
 
Try UNchecking the box in your client vpn properties that says "use default
gateway on remote network". If that doesn't work, do a route print from the
command line and see if you have 2 default gateways (at the top, beginning
with 0.0.0.0). Try removing the default gateways with:
route delete 0.0.0.0
then add the local gateway back with
route add 0.0.0.0 mask 0.0.0.0 69.140.91.1
and add a route directly to the 10.10.10.0 network with
route add 10.10.10.0 mask 255.255.255.0 10.10.10.82 (or whatever ip config
shows as the address of the ppp RAS adapter)

....kurt
 
I will try this as soon as I can get in contact with a remote user... My
question is,,, suppose this user adds the default gateway in this manner and
all is well... does this have to be done every time he/she logs in remotely,
or is there a way to configure it to correctly pick up the address?
 
THis is just fior testing. We'll see if we can get a better handle on it if
this makes it go.

....kurt
 
Back
Top