• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

VPN routing (subnet mask) problem on client computer

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> VPN >> VPN routing (subnet mask) problem on client computer Page: [1]
Login
Message << Older Topic   Newer Topic >>
VPN routing (subnet mask) problem on client computer - 11.Jun.2008 5:03:30 PM   
fsd

 

Posts: 1
Joined: 11.Jun.2008
Status: offline
Hi All,

I've a little problem with ISA2004 VPN that makes estabilishing connection difficulty from the client computers.

ISA server is configured to assign IP addresses for clients by the DHCP server.
The address pool on DHCP is 192.168.1.0 netmask 255.255.254.0.
ISA server address on LAN: 192.168.0.10 mask 255.255.254.0,
DHCP server address 192.168.0.11 mask 255.255.254.0

On the client computers (Windows XP) a standard VPN connection was created in the Networks Connection folder. If on the VPN connection properties dialog "Networking/TCPIP/Advanced/Use default gateway on remote network" was checked all traffic including simple WEB traffic is forwarded to VPN connection but I don't want it so I uncheck this option. In this case the WEB traffic is working well (forwarded to the ISP) but the computer can access only 192.168.1.0 - 192.168.1.255 hosts on corporate network beause it got an IP from DHCP like 192.168.1.0 mask 255.255.255.0 (not not 255.255.254.0) so the computers in range 192.168.0.0-192.168.0.255 are unaccessible. Therefore I should allways execute a route command like this:
route add 192.168.0.0 mask 255.255.254.0 <actual IP address>
after this it can be access the whole network but it a little bit unconfortable.

Can somebody give me a hint?
Post #: 1
RE: VPN routing (subnet mask) problem on client computer - 14.Sep.2009 9:16:42 AM   
mmoeller

 

Posts: 2
Joined: 14.Sep.2009
Status: offline
the 192.168.x.y / 255.255.255.0 route comes from the "classfull routes" option, you have to uncheck that in the vpn client connection.

also you need to configure a subnet range option in your dhcp server.

however, i run exactly that configuration, and the appropriate routes are only created each 4th time i dial in, but that could by some other problem.

for accessing other subnets via vpn you can use the microsoft classless routes option (code 249) in your dhcp server.

(in reply to fsd)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> VPN >> VPN routing (subnet mask) problem on client computer Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts