Home | Site Map | Cisco How To Net How To | Wireless | Search | Forums | Services | Setup Guide | Chicagotech MVP | About Us | Contact Us|

Bob Lin Photography services

Real Estate Photography services 

Windows VPN as a router

Can't ping one of VPN clients
Can't Ping External Network Adapter After Configuring RRAS as a VPN Server
Can't access the Internet after enabling VPN
Connectivity issue after enabling VPN in multihomed server
VPN client can ping all remote computers except one

Can't Ping External Network Adapter After Configuring RRAS as a VPN Server

SYMPTOMS: After you configure the RRAS as a virtual private network (VPN) server in Windows 2000 Server with two or more network adapters, pinging the external network adapter does not work. Or you get destination not reachable if you ping other computers from the VPN server. This behavior occurs only while RRAS is running. Pinging the external network adapter succeeds when RRAS is stopped.

RESOLUTION: When you use the Routing and Remote Access Server Setup Wizard to configure RRAS as a VPN server, Input and Output filters are automatically configured on the external network adapter to process only VPN traffic and disable all ports and protocols except protocol 47 (GRE), TCP port 1723 for PPTP Outbound/Inbound, UDP 500 for ISAKMP and UDP 1701 for L2TP. For consultants, refer to case RL060204.

Can't access the Internet after enabling VPN

Cause: RRAS enables Input and Output filters by default.

Can't ping external NIC while RRAS is active

Symptoms: After you configure the RRAS as a VPN server  with two or more network adapters, pinging the external network adapter does not work. This behavior occurs only while RRAS is running and is by design to tighten security on the Internet VPN server.

Resolution: To allow pinging to and from the external NIC, add Inbound and Outbound filters to the adapter to allow Internet Control Message Protocol (ICMP) packets to be processed on the adapter. To do this, go to Routing and Remote Access>IP Routing>General. In the right pane, right-click the adapter that has been configured as the external adapter, and then click Properties>Input Filters>Add. In the Protocol box, click ICMP. Click Output Filters, and then repeat the previous three steps.

Connectivity issue after enabling VPN in multihomed server

Symptoms: after you enable VPN on a server as a router or with two or more NICs, you may experience some issues. 1) the internal computers can't access the Internet; 2) outside VPN clients can't access the VPN server; 3) can't access the server using TS and VNC form the internal or outside.

Causes: for the security reason, the RRAS modify the routing table and enable incoming VPN connections only so that no other forward packets over the interface except PPTP or L2TP traffic. For consultants, refer to case 090804RL.

 

 

 

Bob Lin Photography services

Real Estate Photography services 

  This web is provided "AS IS" with no warranties.
Copyright 2002-2017 ChicagoTech.net, All rights reserved. Unauthorized reproduction forbidden.