Monday, April 21, 2008

Virtual Private Networks Troubleshooting - Part I

I've seen quite a number of posts asking why VPN users are not able to access their network even though they have been successfully connected.

Let's try to troubleshoot what happens here. A very common VPN setup is to use two NICs and run Routing and Remote Access (RRAS) on one of them. The benefit of this is that you can isolate VPN traffic and keep it from overloading the NIC that handles the internal network traffic. One thing to note is that the two NICs have to be assigned IPs from different networks or subnets. For example:

1st NIC (VPN): 192.168.1.2 /24
2nd NIC (internal network): 192.168.2.2 /24

(Don't worry if you don't understand the /24. It's called slash notation for the subnet mask and is the equivalent of 255.255.255.0.)

After the initial RRAS setup, users will be able to connect to the VPN just fine and will be assigned an IP address from one of the two networks. The problem arises when they try to reach network resources through the 2nd NIC (the other network). This is because Windows doesn't know how to route packets from the 192.168.1.0 network to the 192.168.2.0 network.

You can tell Windows how to route traffic between the two NICs by configuring a static route with the "Route" command. Type "Route /?" at the Command Prompt for more information.
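The checks and the Route command from the paragraph above, as an added example that is not part of the original post. It uses the two addresses from the post; the VPN client address 192.168.1.50 and the elevated Command Prompt it is typed into are assumptions for the demo.

```batch
@echo off
REM Added example, not from the original post. Uses the post's addresses:
REM VPN NIC 192.168.1.2/24 and internal NIC 192.168.2.2/24. Run it in an
REM elevated Command Prompt on the Windows box that is missing the route.
setlocal

set VPN_NET=192.168.1.0
set INT_NET=192.168.2.0
set MASK=255.255.255.0
set RRAS_INT=192.168.2.2
REM Assumed address of a connected VPN client, used only for the final test.
set VPN_CLIENT=192.168.1.50

echo === 1. Is the TCP/IP stack allowed to forward between NICs at all?
REM RRAS sets IPEnableRouter=1 on the server. If it reads 0, no packet
REM leaves one NIC for the other, whatever the routing table says.
reg query HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v IPEnableRouter

echo === 2. What does Windows already know about the two subnets?
route print | findstr /c:"%VPN_NET%" /c:"%INT_NET%" /c:"0.0.0.0"

echo === 3. Add the missing route (-p makes it persistent across reboots).
REM On an internal host or router that has no path back to the VPN subnet,
REM point 192.168.1.0/24 at the RRAS server's internal NIC. On the RRAS
REM server itself the same form applies only when the client address pool
REM is a subnet that neither NIC is directly attached to.
route -p add %VPN_NET% mask %MASK% %RRAS_INT%
if errorlevel 1 (
    echo route add failed - is this prompt running elevated?
    exit /b 1
)

echo === 4. Verify the path end to end, not just the table entry.
route print | findstr /c:"%VPN_NET%"
ping -n 2 %VPN_CLIENT%
tracert -d -h 5 %VPN_CLIENT%
endlocal
```

If step 1 shows IPEnableRouter set to 0, fix that (or the RRAS configuration that sets it) before adding routes; a correct routing table does nothing on a host that refuses to forward.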

And as usual, I have a second way to accomplish the job: turn on routing using RIP or OSPF and add the two NICs to it.

One thing I see lacking in most Windows administrators is an understanding of TCP/IP and network routing. I would recommend that Windows administrators take the CCNA at any time. Even though it might seem far removed from their daily tasks, one can walk away from a CCNA class with so much helpful information that makes the job much easier to do.
