is this possible with PPTP?

[TheGuy]

Hi Guys

I have server 2003 with RRAS and ISA 2006. Users connect via PPTP VPN to access the server and pull emails.

I want to be able to access their computer across the VPN so I can transfer files if needed and RDP.

At the moment the user gets assigned a client IP that falls in the same subnet as the network in the office so I know it won't work now as the packets won't be routed but what if I assign IP address from a different subnet will it work then?

 

[syntax]

Hi Guys

I have server 2003 with RRAS and ISA 2006. Users connect via PPTP VPN to access the server and pull emails.

I want to be able to access their computer across the VPN so I can transfer files if needed and RDP.

At the moment the user gets assigned a client IP that falls in the same subnet as the network in the office so I know it won't work now as the packets won't be routed but what if I assign IP address from a different subnet will it work then?

Never used ISA or MS products really
Whats the default gateway on the workstations?
The theory of ur logic makes sense though, as long as the workstations route the traffic back to the vpn termination point

 

[TheGuy]

Never used ISA or MS products really
Whats the default gateway on the workstations?
The theory of ur logic makes sense though, as long as the workstations route the traffic back to the vpn termination point

The default Gateway is another ISA they sit behind that's not managed by me. But if the VPN is connected then the default gateway doesn't matter as I should be able to ping the computer via the local IP address when the VPN is up.

I was just wondering if this is possible?

 

[@udiS3]

Sounds like it might be a bridged vpn setup!
i.e. with vpn clients assigned addresses the same as the office subnet.

How about your machine also as a vpn client ?
Then you wouldnt have to worry about gateways and/or routers on the network...

 

[syntax]

The default Gateway is another ISA they sit behind that's not managed by me. But if the VPN is connected then the default gateway doesn't matter as I should be able to ping the computer via the local IP address when the VPN is up.

I was just wondering if this is possible?

I am not sure how that is working then? If you are assigning an ip range not on the local lan, then how are the machines routing back? They would either need static routes, or follow the default gateway

 

[@udiS3]

I am not sure how that is working then? If you are assigning an ip range not on the local lan, then how are the machines routing back? They would either need static routes, or follow the default gateway

Or it could be a bridged setup!

 

[TheGuy]

Sounds like it might be a bridged vpn setup!
i.e. with vpn clients assigned addresses the same as the office subnet.

How about your machine also as a vpn client ?
Then you wouldnt have to worry about gateways and/or routers on the network...

That's it clients assigned same IP as internal subnet. I'm not a VPN client.

I am not sure how that is working then? If you are assigning an ip range not on the local lan, then how are the machines routing back? They would either need static routes, or follow the default gateway

That's also what I'm wondering about as they can pull mail access the server everything. My thinking is I when I ping them the switch will think but this is on my subnet and then just broadcast it. So it will never be routed.

 

[@udiS3]

Yes, tunelling into your own vpn with your machine would put you within that subnet and you
wouldn't have to go configure routers/gateways/clients.

This sounds like the simplest solution...

 

[TheGuy]

Yes, tunelling into your own vpn with your machine would put you within that subnet and you
wouldn't have to go configure routers/gateways/clients.

This sounds like the simplest solution...

Thanks I will give this a try and let you know.

 

[Tinuva]

Your VPN server should make use of NAT, regardless of IPs assigned to vpn users. That way, users will be able to connect via rdp to their machines or servers without having any problems.