XP VPN users can only access local subnet on Win 2008R2
Hi, I have a very strange issue: We have a Windows 2008R2 system which is being used as a VPN server. Up until recently, everyone was connecting without any issues. Now however, it seems that XP users are unable to route to packets other than the local subnet. i.e. the VPN server is on 10.10.10.0/24, it's default gateway 10.10.10.1 routes to other subnets e.g. 10.10.99.0/24 VPN users (configured with split VPN) can ping devices on 10.10.10.0/24, but not on the remote subnets 10.10.99.0/24 Looking at the traceroute, 10.10.99.0/24 packets are being sent via the internet (rather than the VPN) and the routing tables show no path for the 10.10.99.0/24 subnet. Windows 7 users do not have any such issues. If I put a static route in the VPN server everything works for a bit: i.e. ROUTE ADD 10.10.99.0 MASK 255.255.255.0 10.10.10.1 After a while this stops working and I have to reboot... at which time XP can connect (even without the static route!). There are no error messages in the event log, I can get round by changing all my users over onto non-split tunnelling, but this is not a minor change and would require a lot of effort... also it doesn't fix the issue which must bet at the server end. Any ideas what might be the cause? Thanks, Adam
June 15th, 2011 3:12pm

Hi Adam, Thanks for posting here. > Looking at the trace route, 10.10.99.0/24 packets are being sent via the internet (rather than the VPN) and the routing tables show no path for the 10.10.99.0/24 subnet. If in this case, you should try forcing all traffic to your VPN server by checking the "use default gateway on remote network" option in VPN connection properties on client. Is there any problem to access other subnets form your VPN server ? Thanks. Tiger Li Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
June 16th, 2011 11:38am

Hi Tiger, If I select the "use default gateway on remote network" then routing to other subnets does work. If the option is unselected, then only the local subnet is addressable, all other subnets are unavailable. Thanks, Adam
June 16th, 2011 12:34pm

Hi Adam, Thanks for update. Could you please post the “ipconfig /all” and “route print” results from both VPN client and server when connection be established here ? it should help us to isolate the root cause. Thanks. Tiger Li Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
June 17th, 2011 12:04pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics