VPN Client Cannot Access Internal Network
Hello all, I have a Windows 2003 Server at work. It has 2 network cards: INTERNAL (10.70.49.1) and EXTERNAL. As the name suggests, EXTERNAL connects to the internet and INTERNAL connects to the internal network PCs. It acts as a domain controller and gateway (NAT). Recently, when I connect to the server via VPN from outside the network (client is Windows 7), I am not able to access the internal network or anything for that matter. The internal network has addresses 10.70.49.x and despite the fact that the client acquires a correct IP ion the same range, it cannot access the gateway which is 10.70.49.1. I haven't seen this before. I made no changes to the server, except that I installed then uninstalled ISA 2006 which could have messed up RRAS settings. I assume there is a setting on the server in RRAS that I'm missing ? Your help is greatly appreciated.- M
April 11th, 2010 3:00pm

Hi M, If you ping the Default gateway(10.70.49.1) when the VPN is connected, what's the reuslt you got? You can follow the KB's steps to configure the client computers to use the default gateway setting on the local network for Internet traffic and a static route on the remote network for VPN-based traffic. http://support.microsoft.com/kb/317025 Regards, Wilson JiaThis posting is provided "AS IS" with no warranties, and confers no rights.
Free Windows Admin Tool Kit Click here and download it now
April 12th, 2010 10:43am

Hi, When dealing with VPN connectivity , you need to understand the routing path. Please give a detailed network architecture diagram / path from which the client connects to internal resources ? Was this working before ? what has changed ? what happens when client connects to vpn when they are interanal to subnet ?
April 12th, 2010 1:42pm

When I ping the default gateway, I get a timeout. This WAS working before. However, after I installed then uninstalled ISA 2006, it appears the RRAS configuration got messed up. The network is really simple. Internal network 10.70.49.x. I need to connect to VPN from outside because I use outlook and need to connect to the Exchange server (10.70.49.1) My issue is not regarding internet connectivity. It is regarding the fact that I can't access the gateway (10.70.49.1) when I'm connected via VPN which is the purpose behind connecting in the first place. If the client is already INSIDE the internal network, and I connect via VPN, it works of course. Please let me know if you need more info. - M
Free Windows Admin Tool Kit Click here and download it now
April 12th, 2010 2:15pm

Alright, I guess this was one of these issues that went away after I disabled RRAS and started all over again. 1- Open Routing and Remote Access and click on the server to disable it 2- Follow the steps in http://support.microsoft.com/kb/308208 to go through the wizard and re-enable it 3- Create a remote access policy as per http://support.microsoft.com/kb/816522 [was this step really necessary ? Do I have to have a remote access policy or VPN won't work ?] That did it. Thank you all for your help.- M
April 12th, 2010 10:50pm

Hi, Option 3 would be applicable if you want to set specific VPN policies, if not by default there are 2 remote access policies. and you should be careful with the policy ordering.
Free Windows Admin Tool Kit Click here and download it now
April 13th, 2010 9:32am

Hi Mourad, I'm glad to hear that the issue went away. Sainath is correct, if you don't have any specific bussiness requirement, you don't really need to create additional access policy in RRAS. You will need to ensure that the highest priority policy grant remote access permission. Regards, Wilson JiaThis posting is provided "AS IS" with no warranties, and confers no rights.
April 13th, 2010 10:32am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics