is this possible with PPTP?

T

TheGuy

Expert Member
Joined
Sep 14, 2009
Messages
2,974
Reaction score
19
Location
Jozi
Hi Guys

I have server 2003 with RRAS and ISA 2006. Users connect via PPTP VPN to access the server and pull emails.

I want to be able to access their computer across the VPN so I can transfer files if needed and RDP.

At the moment the user gets assigned a client IP that falls in the same subnet as the network in the office so I know it won't work now as the packets won't be routed but what if I assign IP address from a different subnet will it work then?
 
TheGuy said:
Hi Guys

I have server 2003 with RRAS and ISA 2006. Users connect via PPTP VPN to access the server and pull emails.

I want to be able to access their computer across the VPN so I can transfer files if needed and RDP.

At the moment the user gets assigned a client IP that falls in the same subnet as the network in the office so I know it won't work now as the packets won't be routed but what if I assign IP address from a different subnet will it work then?
Click to expand...

Never used ISA or MS products really :(
Whats the default gateway on the workstations?
The theory of ur logic makes sense though, as long as the workstations route the traffic back to the vpn termination point
 
tau1z said:
Never used ISA or MS products really :(
Whats the default gateway on the workstations?
The theory of ur logic makes sense though, as long as the workstations route the traffic back to the vpn termination point
Click to expand...

The default Gateway is another ISA they sit behind that's not managed by me. But if the VPN is connected then the default gateway doesn't matter as I should be able to ping the computer via the local IP address when the VPN is up.

I was just wondering if this is possible?
 
Sounds like it might be a bridged vpn setup!
i.e. with vpn clients assigned addresses the same as the office subnet.

How about your machine also as a vpn client ?
Then you wouldnt have to worry about gateways and/or routers on the network...
 
TheGuy said:
The default Gateway is another ISA they sit behind that's not managed by me. But if the VPN is connected then the default gateway doesn't matter as I should be able to ping the computer via the local IP address when the VPN is up.

I was just wondering if this is possible?
Click to expand...

I am not sure how that is working then? If you are assigning an ip range not on the local lan, then how are the machines routing back? They would either need static routes, or follow the default gateway
 
tau1z said:
I am not sure how that is working then? If you are assigning an ip range not on the local lan, then how are the machines routing back? They would either need static routes, or follow the default gateway
Click to expand...

Or it could be a bridged setup!
 
@udiS3 said:
Sounds like it might be a bridged vpn setup!
i.e. with vpn clients assigned addresses the same as the office subnet.

How about your machine also as a vpn client ?
Then you wouldnt have to worry about gateways and/or routers on the network...
Click to expand...

That's it clients assigned same IP as internal subnet. I'm not a VPN client.

tau1z said:
I am not sure how that is working then? If you are assigning an ip range not on the local lan, then how are the machines routing back? They would either need static routes, or follow the default gateway
Click to expand...

That's also what I'm wondering about as they can pull mail access the server everything. My thinking is I when I ping them the switch will think but this is on my subnet and then just broadcast it. So it will never be routed.
 
Yes, tunelling into your own vpn with your machine would put you within that subnet and you
wouldn't have to go configure routers/gateways/clients.

This sounds like the simplest solution...
 
@udiS3 said:
Yes, tunelling into your own vpn with your machine would put you within that subnet and you
wouldn't have to go configure routers/gateways/clients.

This sounds like the simplest solution...
Click to expand...

Thanks I will give this a try and let you know.
 
Your VPN server should make use of NAT, regardless of IPs assigned to vpn users. That way, users will be able to connect via rdp to their machines or servers without having any problems.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X