Announcement

Collapse
No announcement yet.

Windows 2008 R2 Server VPN Server

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Windows 2008 R2 Server VPN Server

    Hi all,

    I have a 2008 R2 Server with a NIC address 192.168.1.10
    I configure the RRAS to accept VPN connections and I configure the IPV4 address assignment to give 2 ip addresses from that subnet (192.168.1.200-201).

    The problem is that when I am on my home (have ip 192.168.1.XXX from my home router's dhcp) the vpn connects OK but I have no access to the internal network , as expected.
    If I change my home's network to another subnet (like 192.168.0.XXX or any other subnet except 192.168.1.XXX) and my pc now have IP from that network I can connect OK and access the internal network.

    I dont want to change the IP addresses of the servers and all the in internal pcs, routers, printers...
    If I change the IPV4 address assignment of the server's VPN to give 2 ip addresses from other subnet (172.19.34.200-201) I can connect but I don't have access to my internal network.
    Kindly asking for your help in order to config static routes to the server.

    Server(192.168.1.10) <------> Router (192.168.1.1) <------> VPN client (172.19.34.200)

    I saw this article (http://technet.microsoft.com/en-us/l.../dd469667.aspx) and there is:

    Additional considerations

    If the static IP address pool consists of ranges of IP addresses that are for a separate subnet, then you need to either enable an IP routing protocol on the remote access server computer or add static IP routes consisting of the {IP Address, Mask} of each range to the routers of the intranet. If the routes are not added, then remote access clients cannot receive traffic from resources on the intranet.

    I believe that this is that I have to do, but dont know how????

    Any suggestion please?
    Last edited by pras; 22nd November 2012, 11:57.

  • #2
    Re: Windows 2008 R2 Server VPN Server

    Why not take the easy approach and reconfigure your home router permanently?
    IIRC you will need to enable a static route in RRAS between the 192.168 and 172.19 subnets
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: Windows 2008 R2 Server VPN Server

      Hi Ossian,
      Thank you for your prompt post!

      The problem is that I want to have access from some other places that I cant change the routers....
      Can you please guide me to make the static route you mentioned?

      Thank you!

      Comment


      • #4
        Re: Windows 2008 R2 Server VPN Server

        Not off hand, but a very helpful site called can
        https://www.google.co.uk/search?q=rr...CfHB0gWB6YCwCQ
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: Windows 2008 R2 Server VPN Server

          ok. If you want to be able to access your work network via VPN from places where you can't control the subnets, then you need to permanently change your workplace's subnet.

          I don't recommend using 192.168.0 or 192.168.1 or 172.16.0 or 172.16.1 networks anywhere I work, and actively use different networks to prevent exactly this issue.

          192.168.0 and 192.168.1 are the most common networks used from the avaialble ranges, so use something else.
          Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

          Comment


          • #6
            Re: Windows 2008 R2 Server VPN Server

            Thank you for your answers and recommendations!
            I know about the IP subnets policies, but the situation was "bad" already!
            I search a lot to without success for static routes.... at least not solved my problem.

            I found another solution for my problem, so please mark that as solved.

            The solution was easy and had nothing to do with static routes.

            Insert a second ip to my server (192.168.10.10) and make the RRAS to assign ip addresses from static address pool (192.168.10.200-4).
            This way when I connect via VPN pptp I get one ip from 192.168.10.200 to 192.168.10.204.
            The routes are OK and I can access my server's shared files (file server, fax server) with \\192.168.10.10 and not 192.168.1.10.

            When I am inside the local lan I can find server inside 192.168.1.XXX subnet and when I am connecting through VPN I can find server inside 192.168.10.XXX.
            Last edited by pras; 23rd November 2012, 08:25.

            Comment


            • #7
              Re: Windows 2008 R2 Server VPN Server

              Wouldn't an lmhosts file have worked?
              A recent poll suggests that 6 out of 7 dwarfs are not happy

              Comment

              Working...
              X