Well, I'm not sure how I configured DHCP. It seems to have just happened when I set up the server. The VPN server says it is set up to relay DHCP packets and it is - my client gets an IP from the intranet. It's just that the mask and gateway look screwy and, when I browse the network for computers, it mostly lists computers on the host LAN instead of the ones on the intranet.
I'm using Windows server 2008 Beta as my VPN server but I got confirmation from another guy that he is getting the same behavior using a Vista client connecting to a Windows 2003 VPN server. On the client I have "Use default gateway on remote network" selected. I'm going to test it out on an XP client tonight. Perhaps it's a Vista issue? Curt > -----Original Message----- > From: Silvio L. Nisgoski [mailto:[EMAIL PROTECTED] > Sent: Tuesday, February 12, 2008 4:25 PM > To: NT System Admin Issues > Subject: Re: VPN Option? > > In your VPN server, or DHCP server, how did you configure the giving > out of addresses? Is your servers passing the clientes the gateway/dns > also ? > > ----- Original Message ----- > From: "Jim Dandy" <[EMAIL PROTECTED]> > To: "NT System Admin Issues" <[email protected]> > Sent: Tuesday, February 12, 2008 3:17 PM > Subject: RE: VPN Option? > > > More information ... > > I'm first creating a wireless connection to the internet. I then > create a VPN connection to my intranet. The subnet mask and gateway on > my VPN connection are 255.255.255.255 and 0.0.0.0. Normally, for a > computer that is connected to my intranet those would be 255.255.254.0 > and 169.237.2.254. The IP address is in the proper range for a > computer on my intranet. Shouldn't the subnet mask and gateway on my > VPN connection be the same as if I was connected to the intranet? I > don't see a way of changing this on the VPN server. > > Another thing - ipconfig lists the IP address of both my VPN and > wireless connections as (Preferred). Shouldn't only one of them be > preferred? > > Note: on the general tab of the TCP/IP settings, Use default gateway on > remote network is checked. I've returned the interface metrics to > Automatic since manually putting in values didn't seem to improve > anything. > > Thanks for any help you can provide. > > Curt > > > -----Original Message----- > > From: Jim Dandy [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, February 12, 2008 8:29 AM > > To: NT System Admin Issues > > Subject: RE: VPN Option? > > > > I couldn't find an option in my VPN client for split tunneling. > > > > I change the metrics on my interfaces: WiFi=30, LAN=20, VPN=10. I > > would think that would make it so all traffic went out the VPN. When > > I browse for other computers on the network, the only computers I see > > are the ones on the client side of the VPN (none of the ones on the > > LAN I'm VPNing into). I don't care so much about being able to > browse > > the network. What I'm concerned about is network traffic that is > > supposed to be secure leaking out unencrypted into the LAN that the > > client is connected to. The fact that browsing for computers is > > showing computers on the client side is cause for my concern that > > traffic is leaking. > > > > I should note, I'm setting up a new VPN server (2008 beta). It's > > highly possible that I don't know what I'm doing. This is my first > > VPN > setup. > > Could it be something on the server side that is causing a problem? > > > > Thanks for your help. > > > > Curt > > > > > -----Original Message----- > > > From: Jim Dandy [mailto:[EMAIL PROTECTED] > > > Sent: Monday, February 11, 2008 4:53 PM > > > To: NT System Admin Issues > > > Subject: VPN Option? > > > > > > I thought I had read of a way of setting up VPN on a client so, > when > > > you made a VPN connection, it basically ignored the local > > > connection. > > For > > > example, when you make a VPN connection you get an IP address from > > the > > > VPN connection and you have an IP address from your Local Area > > > connection. I'd like to make it so all network traffic goes > through > > > the VPN IP and the other address is ignored - as if that connection > > > does not exist. I know the Local Area IP has to exist to run the > > > VPN but I > > want > > > all traffic to go down the VPN pipe and not "escape" before it gets > > > into the pipe. I can't seem to find that option now. Does it > > > exist? > How > > > do > > > you enable it? My clients will be XP and Vista. > > > > > > The issue is, if the client goes to "Network Neighborhood" and > > browses > > > for computers on the network, it lists computers on the client side > > of > > > the VPN instead of the server side. This makes me think that some > > > network traffic isn't being directed down the VPN pipe. I'm > > definitely > > > making a VPN connection though because I can access some stuff that > I > > > wouldn't be able to access without the VPN. > > > > > > Thanks for your help. > > > > > > Curt > > > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > > > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
