|
| View previous topic :: View next topic |
| Author |
Message |
Bob Murdoch
Guest
|
 Posted: Wed Dec 05, 2007 2:18 am Post subject: Access local lan after VPN connection |
 |
|
I have previously connected to my main client over dialup. I was able to
make the dialup connection, leave it up all day, and work on my local
network/internet, or theirs without trouble.
They have just converted to VPN instead of dialup. I can connect to their
network while the VPN is connected, but I can access my local network or the
internet.
I understand there are some routing table entries that I can make to fix
this problem, but I don't know what to change/add.
Can you help?
thanks,
Bob M.. |
|
| Back to top |
|
 |
Google
Sponsor
|
| Posted: Wed Dec 05, 2007 2:18 am Post subject: Advertisement |
|
|
|
|
| Back to top |
|
|
Robert L. (MS-MVP)
Guest
|
| Posted: Wed Dec 05, 2007 4:15 am Post subject: Re: Access local lan after VPN connection |
|
|
Posting the routing table here may help.
--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"Bob Murdoch" <ram_re_move_5@erols.com> wrote in message
news:%23mVhhUuNIHA.3516@TK2MSFTNGP02.phx.gbl...
| Quote: | I have previously connected to my main client over dialup. I was able to
make the dialup connection, leave it up all day, and work on my local
network/internet, or theirs without trouble.
They have just converted to VPN instead of dialup. I can connect to their
network while the VPN is connected, but I can access my local network or
the internet.
I understand there are some routing table entries that I can make to fix
this problem, but I don't know what to change/add.
Can you help?
thanks,
Bob M..
|
|
|
| Back to top |
|
|
Bob Murdoch
Guest
|
| Posted: Wed Dec 05, 2007 1:29 pm Post subject: Re: Access local lan after VPN connection |
|
|
"Robert L. (MS-MVP)" <noreply@chicagotech.net> wrote in message..
| Quote: | Posting the routing table here may help.
|
Thanks Bob - I have included it below.
My workstation is 192.168.0.99, and my local gateway is 192.168.0.2. All
other devices on my local network are in the 192.168.0.* range.
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 50 56 c0 00 08 ...... VMware Virtual Ethernet Adapter for VMnet8
0x3 ...00 50 56 c0 00 01 ...... VMware Virtual Ethernet Adapter for VMnet1
0x4 ...00 11 43 16 be ce ...... Intel(R) PRO/1000 MTW Network Connection -
Packe
t Scheduler Miniport
0x10006 ...00 05 9a 3c 78 00 ...... Cisco Systems VPN Adapter - Packet
Scheduler
Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 171.17.24.178 171.17.24.177 1
11.0.0.0 255.0.0.0 192.168.0.2 192.168.0.99 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
171.17.16.0 255.255.252.0 192.168.0.2 192.168.0.99 1
171.17.24.176 255.255.255.240 171.17.24.177 171.17.24.177 20
171.17.24.177 255.255.255.255 127.0.0.1 127.0.0.1 20
171.17.255.255 255.255.255.255 171.17.24.177 171.17.24.177 20
192.168.0.0 255.255.255.0 192.168.0.99 192.168.0.99 10
192.168.0.0 255.255.255.0 171.17.24.178 171.17.24.177 10
192.168.0.99 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.0.255 255.255.255.255 192.168.0.99 192.168.0.99 10
192.168.10.0 255.255.255.0 192.168.10.1 192.168.10.1 20
192.168.10.0 255.255.255.0 171.17.24.178 171.17.24.177 20
192.168.10.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.10.255 255.255.255.255 192.168.10.1 192.168.10.1 20
192.168.56.0 255.255.255.0 192.168.56.1 192.168.56.1 20
192.168.56.0 255.255.255.0 171.17.24.178 171.17.24.177 20
192.168.56.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.56.255 255.255.255.255 192.168.56.1 192.168.56.1 20
208.15.90.6 255.255.255.255 192.168.0.2 192.168.0.99 1
224.0.0.0 240.0.0.0 171.17.24.177 171.17.24.177 20
224.0.0.0 240.0.0.0 192.168.0.99 192.168.0.99 10
224.0.0.0 240.0.0.0 192.168.10.1 192.168.10.1 20
224.0.0.0 240.0.0.0 192.168.56.1 192.168.56.1 20
255.255.255.255 255.255.255.255 171.17.24.177 171.17.24.177 1
255.255.255.255 255.255.255.255 192.168.0.99 192.168.0.99 1
255.255.255.255 255.255.255.255 192.168.10.1 192.168.10.1 1
255.255.255.255 255.255.255.255 192.168.56.1 192.168.56.1 1
Default Gateway: 171.17.24.178
===========================================================================
Persistent Routes:
None |
|
| Back to top |
|
|
gerryR
Guest
|
| Posted: Wed Dec 05, 2007 2:32 pm Post subject: Re: Access local lan after VPN connection |
|
|
Does the remote network use the same IP range as you're local one? if so
you're machine could be conflicting with one on the remote network.
"Bob Murdoch" <ram_re_move_5@erols.com> wrote in message
news:%23mVhhUuNIHA.3516@TK2MSFTNGP02.phx.gbl...
| Quote: | I have previously connected to my main client over dialup. I was able to
make the dialup connection, leave it up all day, and work on my local
network/internet, or theirs without trouble.
They have just converted to VPN instead of dialup. I can connect to their
network while the VPN is connected, but I can access my local network or
the internet.
I understand there are some routing table entries that I can make to fix
this problem, but I don't know what to change/add.
Can you help?
thanks,
Bob M..
|
|
|
| Back to top |
|
|
Robert L. (MS-MVP)
Guest
|
| Posted: Thu Dec 06, 2007 4:21 pm Post subject: Re: Access local lan after VPN connection |
|
|
Can I assume your client's IP range is 11.0.0.0 /8? Is your computer
multihomed computer? try to disable using default gateway in remote network.
This search result may help. Please post back with the result.
routing issues on vpnCan't access the internal server when remote client
establishes VPN Can't access the Internet while using VPN Can't access the
remote network after ...
www.chicagotech.net/routingissuesonvpn.htm
--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"Bob Murdoch" <ram_re_move_5@erols.com> wrote in message
news:u48ZZL0NIHA.5264@TK2MSFTNGP02.phx.gbl...
| Quote: |
"Robert L. (MS-MVP)" <noreply@chicagotech.net> wrote in message..
Posting the routing table here may help.
Thanks Bob - I have included it below.
My workstation is 192.168.0.99, and my local gateway is 192.168.0.2. All
other devices on my local network are in the 192.168.0.* range.
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 50 56 c0 00 08 ...... VMware Virtual Ethernet Adapter for VMnet8
0x3 ...00 50 56 c0 00 01 ...... VMware Virtual Ethernet Adapter for VMnet1
0x4 ...00 11 43 16 be ce ...... Intel(R) PRO/1000 MTW Network Connection -
Packe
t Scheduler Miniport
0x10006 ...00 05 9a 3c 78 00 ...... Cisco Systems VPN Adapter - Packet
Scheduler
Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface
Metric
0.0.0.0 0.0.0.0 171.17.24.178 171.17.24.177 1
11.0.0.0 255.0.0.0 192.168.0.2 192.168.0.99 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
171.17.16.0 255.255.252.0 192.168.0.2 192.168.0.99 1
171.17.24.176 255.255.255.240 171.17.24.177 171.17.24.177
20
171.17.24.177 255.255.255.255 127.0.0.1 127.0.0.1
20
171.17.255.255 255.255.255.255 171.17.24.177 171.17.24.177
20
192.168.0.0 255.255.255.0 192.168.0.99 192.168.0.99
10
192.168.0.0 255.255.255.0 171.17.24.178 171.17.24.177
10
192.168.0.99 255.255.255.255 127.0.0.1 127.0.0.1
10
192.168.0.255 255.255.255.255 192.168.0.99 192.168.0.99
10
192.168.10.0 255.255.255.0 192.168.10.1 192.168.10.1
20
192.168.10.0 255.255.255.0 171.17.24.178 171.17.24.177
20
192.168.10.1 255.255.255.255 127.0.0.1 127.0.0.1
20
192.168.10.255 255.255.255.255 192.168.10.1 192.168.10.1
20
192.168.56.0 255.255.255.0 192.168.56.1 192.168.56.1
20
192.168.56.0 255.255.255.0 171.17.24.178 171.17.24.177
20
192.168.56.1 255.255.255.255 127.0.0.1 127.0.0.1
20
192.168.56.255 255.255.255.255 192.168.56.1 192.168.56.1
20
208.15.90.6 255.255.255.255 192.168.0.2 192.168.0.99 1
224.0.0.0 240.0.0.0 171.17.24.177 171.17.24.177
20
224.0.0.0 240.0.0.0 192.168.0.99 192.168.0.99
10
224.0.0.0 240.0.0.0 192.168.10.1 192.168.10.1
20
224.0.0.0 240.0.0.0 192.168.56.1 192.168.56.1
20
255.255.255.255 255.255.255.255 171.17.24.177 171.17.24.177 1
255.255.255.255 255.255.255.255 192.168.0.99 192.168.0.99 1
255.255.255.255 255.255.255.255 192.168.10.1 192.168.10.1 1
255.255.255.255 255.255.255.255 192.168.56.1 192.168.56.1 1
Default Gateway: 171.17.24.178
===========================================================================
Persistent Routes:
None
|
|
|
| Back to top |
|
|
Bob Murdoch
Guest
|
| Posted: Fri Dec 07, 2007 3:19 am Post subject: Re: Access local lan after VPN connection |
|
|
"Robert L. (MS-MVP)" <noreply@chicagotech.net> wrote in message
news:117844EF-AF2A-4278-B90D-48E4B60FCAC9@microsoft.com...
| Quote: | Can I assume your client's IP range is 11.0.0.0 /8? Is your computer
multihomed computer? try to disable using default gateway in remote
network. This search result may help. Please post back with the result.
routing issues on vpnCan't access the internal server when remote client
establishes VPN Can't access the Internet while using VPN Can't access the
remote network after ...
www.chicagotech.net/routingissuesonvpn.htm
|
Yes, you are correct about the client's range.
Unfortunately, the Cisco VPN client doesn't have a 'use default gateway on
remote network' option (at least that I can find.
I spoke with the client's IT department, and they won't set up allow a split
tunnel.
Is it possible for me to add a second NIC, and bind the VPN client to it so
that I can still use the first NIC for internet and local lan access?
Bob M.. |
|
| Back to top |
|
|
Robert L. (MS-MVP)
Guest
|
| Posted: Fri Dec 07, 2007 4:20 pm Post subject: Re: Access local lan after VPN connection |
|
|
Ok, if it is Cisco VPN, that is different story. I believe you should have
an option to check Allow Local LAN access. For the internet access, you may
have an option to modify the routing table. However, for the security
reason, your IT guys may not like it.
--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"Bob Murdoch" <ram_re_move_5@erols.com> wrote in message
news:O%23$EhAIOIHA.292@TK2MSFTNGP02.phx.gbl...
| Quote: |
"Robert L. (MS-MVP)" <noreply@chicagotech.net> wrote in message
news:117844EF-AF2A-4278-B90D-48E4B60FCAC9@microsoft.com...
Can I assume your client's IP range is 11.0.0.0 /8? Is your computer
multihomed computer? try to disable using default gateway in remote
network. This search result may help. Please post back with the result.
routing issues on vpnCan't access the internal server when remote client
establishes VPN Can't access the Internet while using VPN Can't access
the remote network after ...
www.chicagotech.net/routingissuesonvpn.htm
Yes, you are correct about the client's range.
Unfortunately, the Cisco VPN client doesn't have a 'use default gateway on
remote network' option (at least that I can find.
I spoke with the client's IT department, and they won't set up allow a
split tunnel.
Is it possible for me to add a second NIC, and bind the VPN client to it
so that I can still use the first NIC for internet and local lan access?
Bob M..
|
|
|
| Back to top |
|
|
Bob Murdoch
Guest
|
| Posted: Sun Dec 09, 2007 2:18 am Post subject: Re: Access local lan after VPN connection |
|
|
Robert,
"Robert L. (MS-MVP)" <noreply@chicagotech.net> wrote :
| Quote: | Ok, if it is Cisco VPN, that is different story. I believe you should have
an option to check Allow Local LAN access. For the internet access, you
may have an option to modify the routing table. However, for the security
reason, your IT guys may not like it.
|
Yes, it is Cisco. Checking the Allow Local LAN has no effect (I believe
it's blocked on the server side).
Can you provide some pointers for the routing table modification. I've
tried a number of things, but nothing has worked, and I'm far from an
expert.
As for the IT guys - the VPN access that I have been provided is the same as
that provided to regular employees of the company. All of the resources
that the employees need (ie: email, programs, documentation, etc) are
available on their network. I am contracted developer. I need internet
access for my email, access to my dev lab, newsgroups, etc. I had access to
all of this while connected to them over dial up, but now with VPN I have to
disconnect/reconnect the VPN every time I need to make the context switch.
The IT guys understand this, but don't have the ability to modify the
internal policies (understandably so).
tia,
Bob M.. |
|
| Back to top |
|
|
Robert L. (MS-MVP)
Guest
|
| Posted: Sun Dec 09, 2007 3:36 pm Post subject: Re: Access local lan after VPN connection |
|
|
These search result may help.
routing issues on vpnResolution: When establishing VPN to the office A, the
routing table changes. To fix this issue, disable the "Use default gateway
on remote network"" on the ...
www.chicagotech.net/routingissuesonvpn.htm
RoutingRouting. Network Routing Analysis VPN Routing Analysis ...
Routing issue if the LAN and VPN are in different subnets Routing order ...
www.chicagotech.net/routing.htm
--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"Bob Murdoch" <ram_re_move_5@erols.com> wrote in message
news:ODVq2ngOIHA.4948@TK2MSFTNGP02.phx.gbl...
| Quote: | Robert,
"Robert L. (MS-MVP)" <noreply@chicagotech.net> wrote :
Ok, if it is Cisco VPN, that is different story. I believe you should
have an option to check Allow Local LAN access. For the internet access,
you may have an option to modify the routing table. However, for the
security reason, your IT guys may not like it.
Yes, it is Cisco. Checking the Allow Local LAN has no effect (I believe
it's blocked on the server side).
Can you provide some pointers for the routing table modification. I've
tried a number of things, but nothing has worked, and I'm far from an
expert.
As for the IT guys - the VPN access that I have been provided is the same
as that provided to regular employees of the company. All of the
resources that the employees need (ie: email, programs, documentation,
etc) are available on their network. I am contracted developer. I need
internet access for my email, access to my dev lab, newsgroups, etc. I
had access to all of this while connected to them over dial up, but now
with VPN I have to disconnect/reconnect the VPN every time I need to make
the context switch. The IT guys understand this, but don't have the
ability to modify the internal policies (understandably so).
tia,
Bob M..
|
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
