web page will not ping and display via vpn!
hi everyone, I submit a VPN via NAT services on my server. I can connect to my server via VPN (PPTP) but when i want to ping a web site from the client, the client can not do it and i receive a request time out. On the other hand, I have PING time in server but the client can not display a website! In my country filtering is above than the usually extent so i want to configure a server that user connect and they use a internet without filtering! Besides, I don't know that "do i need to DHCP server?" because i don't have it. I wait for your help.
August 26th, 2012 6:56am

Hi, If the site is ordinarily available then filtering should not impact (even over VPN) I am confident that you are experiencing a DNS issue, whereby the internet traffic is not passing thru the VPN and instead is passing via the local internet connection. I would need more information on what VPN solution you are using to give you better information on how to best proceed. In relation to your VPN setup, I am unsure if you are using Windows Server as the VPN host or a 3rd party appliance as the host. I ALWAYS recommend appliance based VPN units (e.g. actual hardware VPN's) as they are more reliable. I suspect that you are using the Windows server as the VPN host, so I will assume this and proceed as that. First thing, you need 2 network cards in your server. One card for WAN and one card for LAN (that is if you want to do it properly) Next, put your broadband router/modem in passive mode (i.e. the modem/router does not authenticate over PPPOE or sign on to internet) Depending on the modem/router it will determine the active port for passive mode, most commonly its ethernet port 1 - See your modem manual for further info. Once done, connect a cable from the modem directly to the servers primary network card (the one you will designate as WAN port) - This should be a clean straight connection with no switches. Next create a new network connection on the server to connect to broadband using PPPOE and use details as issued by your ISP (Here is a guide designed for windows XP but same principal - http://www.triotel.net/PDF%20files/PPPoE%20Files/Microsoft%20Word%20-%20PPPoE%20Authentication%20Procedures%20for%20Windows%20XP.pdf) Once you have successfully configured PPPOE authentication on the server and connected, you should have internet access on the server. Be sure to realise that you now have a direct connection between the server and the internet, so please configure your firewall on the server as appropriate. On the servers secondary network card (LAN) you can connect your switch which will connect the rest of your environment. At this point, you should be able to configure your VPN services on the server and open relevant firewall ports to allow it In relation to internet access for the rest of the computers on the network, you have a few options here, you can distribute access via a few methods, for example, bridging, proxy, or DNS (I would advise you read up on each and make an educated decision on how to best proceed). If you need me to go into any further detail on the distribution of net access across the network, please let me know and I can assist. Best of luck, Martin If you find my information useful, please rate it. :-)
Free Windows Admin Tool Kit Click here and download it now
August 26th, 2012 12:04pm

Hi, If the site is ordinarily available then filtering should not impact (even over VPN) I am confident that you are experiencing a DNS issue, whereby the internet traffic is not passing thru the VPN and instead is passing via the local internet connection. I would need more information on what VPN solution you are using to give you better information on how to best proceed. In relation to your VPN setup, I am unsure if you are using Windows Server as the VPN host or a 3rd party appliance as the host. I ALWAYS recommend appliance based VPN units (e.g. actual hardware VPN's) as they are more reliable. I suspect that you are using the Windows server as the VPN host, so I will assume this and proceed as that. First thing, you need 2 network cards in your server. One card for WAN and one card for LAN (that is if you want to do it properly) Next, put your broadband router/modem in passive mode (i.e. the modem/router does not authenticate over PPPOE or sign on to internet) Depending on the modem/router it will determine the active port for passive mode, most commonly its ethernet port 1 - See your modem manual for further info. Once done, connect a cable from the modem directly to the servers primary network card (the one you will designate as WAN port) - This should be a clean straight connection with no switches. Next create a new network connection on the server to connect to broadband using PPPOE and use details as issued by your ISP (Here is a guide designed for windows XP but same principal - http://www.triotel.net/PDF%20files/PPPoE%20Files/Microsoft%20Word%20-%20PPPoE%20Authentication%20Procedures%20for%20Windows%20XP.pdf) Once you have successfully configured PPPOE authentication on the server and connected, you should have internet access on the server. Be sure to realise that you now have a direct connection between the server and the internet, so please configure your firewall on the server as appropriate. On the servers secondary network card (LAN) you can connect your switch which will connect the rest of your environment. At this point, you should be able to configure your VPN services on the server and open relevant firewall ports to allow it In relation to internet access for the rest of the computers on the network, you have a few options here, you can distribute access via a few methods, for example, bridging, proxy, or DNS (I would advise you read up on each and make an educated decision on how to best proceed). If you need me to go into any further detail on the distribution of net access across the network, please let me know and I can assist. Best of luck, Martin If you find my information useful, please rate it. :-)
August 26th, 2012 12:10pm

Hi, Thank you for the post. If you want to connect website via client Internet connection, you just need to clear Use default gateway on remote network check box on the client. If you want to connect website via Intranet--Internet, you need to enable DHCP relay agent in RRAS to provide VPN client correct gateway address. In this case, set up DHCP server in your Intranet. http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/98937fca-d629-47fd-b7ab-6b1a2b66db9c/ If there are more inquiries on this issue, please feel free to let us know. Regards Rick Tan TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
August 27th, 2012 11:18pm

Hi, Thank you for the post. If you want to connect website via client Internet connection, you just need to clear Use default gateway on remote network check box on the client. If you want to connect website via Intranet--Internet, you need to enable DHCP relay agent in RRAS to provide VPN client correct gateway address. In this case, set up DHCP server in your Intranet. http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/98937fca-d629-47fd-b7ab-6b1a2b66db9c/ If there are more inquiries on this issue, please feel free to let us know. Regards Rick Tan TechNet Community Support Hi Rick, So you mean that i should run and configure a DHCP Service on my RRAS Server to give a Gatwey automatically to Client, Ya? Vahid
August 28th, 2012 6:55am

Hi, If the site is ordinarily available then filtering should not impact (even over VPN) I am confident that you are experiencing a DNS issue, whereby the internet traffic is not passing thru the VPN and instead is passing via the local internet connection. I would need more information on what VPN solution you are using to give you better information on how to best proceed. In relation to your VPN setup, I am unsure if you are using Windows Server as the VPN host or a 3rd party appliance as the host. I ALWAYS recommend appliance based VPN units (e.g. actual hardware VPN's) as they are more reliable. I suspect that you are using the Windows server as the VPN host, so I will assume this and proceed as that. First thing, you need 2 network cards in your server. One card for WAN and one card for LAN (that is if you want to do it properly) Next, put your broadband router/modem in passive mode (i.e. the modem/router does not authenticate over PPPOE or sign on to internet) Depending on the modem/router it will determine the active port for passive mode, most commonly its ethernet port 1 - See your modem manual for further info. Once done, connect a cable from the modem directly to the servers primary network card (the one you will designate as WAN port) - This should be a clean straight connection with no switches. Next create a new network connection on the server to connect to broadband using PPPOE and use details as issued by your ISP (Here is a guide designed for windows XP but same principal - http://www.triotel.net/PDF%20files/PPPoE%20Files/Microsoft%20Word%20-%20PPPoE%20Authentication%20Procedures%20for%20Windows%20XP.pdf) Once you have successfully configured PPPOE authentication on the server and connected, you should have internet access on the server. Be sure to realise that you now have a direct connection between the server and the internet, so please configure your firewall on the server as appropriate. On the servers secondary network card (LAN) you can connect your switch which will connect the rest of your environment. At this point, you should be able to configure your VPN services on the server and open relevant firewall ports to allow it In relation to internet access for the rest of the computers on the network, you have a few options here, you can distribute access via a few methods, for example, bridging, proxy, or DNS (I would advise you read up on each and make an educated decision on how to best proceed). If you need me to go into any further detail on the distribution of net access across the network, please let me know and I can assist. Best of luck, Martin If you find my information useful, please rate it. :-) Hi Martin, I want to explain my situation obviously to you. Frankly, in my country many site like Facebook.com filtered. So, if people want to check this website, they must use VPN or Proxy. Because of this subject, I want to configure a Server for giving VPN Account to people. Thank you. Vahid
Free Windows Admin Tool Kit Click here and download it now
August 28th, 2012 7:03am

Hi Vahid, Yes, you should configure DHCP relay agent on RRAS server and set up DHCP Server service on another server (not RRAS server) in your Intranet. Regards,Rick Tan TechNet Community Support
August 28th, 2012 10:49pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics