Sign in with
Sign up | Sign in
Your question

Help Setting up VPN with Windows 2003 Server

Last response: in Networking
Share
Anonymous
July 27, 2004 1:10:31 PM

Archived from groups: comp.dcom.vpn (More info?)

Hello All,

I've been trying to set up my own VPN for quite some time now, but I
can't get it to work just right (or work the way I expect it to).

The final problem: Once I connect to the VPN, I lose all contact with
the outside world. (Before I connect to the VPN, I can tracert to
cnn.com and it works fine, but after I connect to the VPN, I tracert
to cnn.com and the packets die when they hit my VPN Server). It is
almost like the VPN server doesn't know what to do with the packets
when it gets them.

Long Explanation:

Here's what I have:

A server running windows 2003 with only ONE nic card. This server is
assigned it's ip address dynamically (via DHCP). I've registered with
a dynamic dns service and installed a client program on my computer so
the changing ip address isn't an issue.

This server is part of my corporate network, but it is visible to the
outside world (it has a public ip address).

So, I create a new user, called vpnaccess, give it a password, and
make sure this new user has Dial-In priviledges (via Computer
Managment, System Tools, Local Users and Groups, Users, double click
on the user, Dial-In tab, and then I "Allow Access" on Remote Access
priviledges.

Okay, now here is how I set up the VPN.
1) Adminstrative Tools, Routing and Remote Access
2) Right click computer object and select "Configure Routing and
Remote Access"
3) In the wizard I click "Custom Configuration" (I tried clicking vpn
access for the configuration but it said that since I have only one
NIC card I have to select custom configuration)
4) I select VPN Access
5) I let it start the service

Now here is where I've tried two different things:
First, I have tried letting the vpn clients get their ip addresses via
dhcp. I haven't tested this that much really.
Second, I've tried using my own static address pool. I choose
10.0.0.5 as the starting IP and 10.0.0.20 as the end IP.
With this configuration, I am able to connect to the server (with
multiple clients). The clients can ping eachother just fine. But
when I tracert cnn.com the packet goes up to the server (10.0.0.5) and
then times out.

I'm not sure how to fix this. I've looked into setting up a static
route in the Routing and Remote Access configuration window. I've
also noticed you can set up a static route for individual users (using
the dial-in tab in the user properties window available from user
management).

How do I set up a static route? The VPN server has a default gateway
set up (it is another computer)... it almost seems like the VPN
server doesn't know what to do with the packets when they arrive, so
they time out. If I could somehow tell the vpn server to send the
packets on to it's gateway would that work?

Thanks for all your help... I know this is a long post. (I just
wanted to be thorough).

--
Nathan
Anonymous
August 5, 2004 12:22:14 PM

Archived from groups: comp.dcom.vpn (More info?)

I have no answer at this point, however, these symptons also belong to
my current default install of Windows 2000 Routing and Remote Access
server for VPN access. I also can not ping other LAN machines from
the W2k server nor can the other LAN machines ping the W2k vpn server
while the R&RA server status is Started. Any MS VPN client connected
(it's purpose works) to the R&RA server can no longer see the
internet. Possibly because the VPN server is giving it a 169.x.x.x
address for PPTP.

shepuurd@yahoo.com


ngiven@hotmail.com (Nathan Given) wrote in message news:<f749d926.0407270810.32e24c3@posting.google.com>...
> Hello All,
>
> I've been trying to set up my own VPN for quite some time now, but I
> can't get it to work just right (or work the way I expect it to).
>
> The final problem: Once I connect to the VPN, I lose all contact with
> the outside world. (Before I connect to the VPN, I can tracert to
> cnn.com and it works fine, but after I connect to the VPN, I tracert
> to cnn.com and the packets die when they hit my VPN Server). It is
> almost like the VPN server doesn't know what to do with the packets
> when it gets them.
>
> Long Explanation:
>
> Here's what I have:
>
> A server running windows 2003 with only ONE nic card. This server is
> assigned it's ip address dynamically (via DHCP). I've registered with
> a dynamic dns service and installed a client program on my computer so
> the changing ip address isn't an issue.
>
> This server is part of my corporate network, but it is visible to the
> outside world (it has a public ip address).
>
> So, I create a new user, called vpnaccess, give it a password, and
> make sure this new user has Dial-In priviledges (via Computer
> Managment, System Tools, Local Users and Groups, Users, double click
> on the user, Dial-In tab, and then I "Allow Access" on Remote Access
> priviledges.
>
> Okay, now here is how I set up the VPN.
> 1) Adminstrative Tools, Routing and Remote Access
> 2) Right click computer object and select "Configure Routing and
> Remote Access"
> 3) In the wizard I click "Custom Configuration" (I tried clicking vpn
> access for the configuration but it said that since I have only one
> NIC card I have to select custom configuration)
> 4) I select VPN Access
> 5) I let it start the service
>
> Now here is where I've tried two different things:
> First, I have tried letting the vpn clients get their ip addresses via
> dhcp. I haven't tested this that much really.
> Second, I've tried using my own static address pool. I choose
> 10.0.0.5 as the starting IP and 10.0.0.20 as the end IP.
> With this configuration, I am able to connect to the server (with
> multiple clients). The clients can ping eachother just fine. But
> when I tracert cnn.com the packet goes up to the server (10.0.0.5) and
> then times out.
>
> I'm not sure how to fix this. I've looked into setting up a static
> route in the Routing and Remote Access configuration window. I've
> also noticed you can set up a static route for individual users (using
> the dial-in tab in the user properties window available from user
> management).
>
> How do I set up a static route? The VPN server has a default gateway
> set up (it is another computer)... it almost seems like the VPN
> server doesn't know what to do with the packets when they arrive, so
> they time out. If I could somehow tell the vpn server to send the
> packets on to it's gateway would that work?
>
> Thanks for all your help... I know this is a long post. (I just
> wanted to be thorough).
Anonymous
August 5, 2004 1:34:31 PM

Archived from groups: comp.dcom.vpn (More info?)

My problem is due to my router (Dlink wireless router) being limited
to one tunnel. You may need a physical vpn router solution like
myself.

shepuurd@yahoo.com

ngiven@hotmail.com (Nathan Given) wrote in message news:<f749d926.0407270810.32e24c3@posting.google.com>...
> Hello All,
>
> I've been trying to set up my own VPN for quite some time now, but I
> can't get it to work just right (or work the way I expect it to).
>
> The final problem: Once I connect to the VPN, I lose all contact with
> the outside world. (Before I connect to the VPN, I can tracert to
> cnn.com and it works fine, but after I connect to the VPN, I tracert
> to cnn.com and the packets die when they hit my VPN Server). It is
> almost like the VPN server doesn't know what to do with the packets
> when it gets them.
>
> Long Explanation:
>
> Here's what I have:
>
> A server running windows 2003 with only ONE nic card. This server is
> assigned it's ip address dynamically (via DHCP). I've registered with
> a dynamic dns service and installed a client program on my computer so
> the changing ip address isn't an issue.
>
> This server is part of my corporate network, but it is visible to the
> outside world (it has a public ip address).
>
> So, I create a new user, called vpnaccess, give it a password, and
> make sure this new user has Dial-In priviledges (via Computer
> Managment, System Tools, Local Users and Groups, Users, double click
> on the user, Dial-In tab, and then I "Allow Access" on Remote Access
> priviledges.
>
> Okay, now here is how I set up the VPN.
> 1) Adminstrative Tools, Routing and Remote Access
> 2) Right click computer object and select "Configure Routing and
> Remote Access"
> 3) In the wizard I click "Custom Configuration" (I tried clicking vpn
> access for the configuration but it said that since I have only one
> NIC card I have to select custom configuration)
> 4) I select VPN Access
> 5) I let it start the service
>
> Now here is where I've tried two different things:
> First, I have tried letting the vpn clients get their ip addresses via
> dhcp. I haven't tested this that much really.
> Second, I've tried using my own static address pool. I choose
> 10.0.0.5 as the starting IP and 10.0.0.20 as the end IP.
> With this configuration, I am able to connect to the server (with
> multiple clients). The clients can ping eachother just fine. But
> when I tracert cnn.com the packet goes up to the server (10.0.0.5) and
> then times out.
>
> I'm not sure how to fix this. I've looked into setting up a static
> route in the Routing and Remote Access configuration window. I've
> also noticed you can set up a static route for individual users (using
> the dial-in tab in the user properties window available from user
> management).
>
> How do I set up a static route? The VPN server has a default gateway
> set up (it is another computer)... it almost seems like the VPN
> server doesn't know what to do with the packets when they arrive, so
> they time out. If I could somehow tell the vpn server to send the
> packets on to it's gateway would that work?
>
> Thanks for all your help... I know this is a long post. (I just
> wanted to be thorough).
!