Question

Locked

Remote VPN Client Configuration Problem

By Mikael21 ·
Hello,

First time posting. I have a PPTP setup at work using a D-Link DIR-330.

I am using it to map network drives for users outside of the office.

Our infrastructure resides in Toronto, ON Canada and I have a remote client in Montreal, QC Canada who needs to map these drives. I've already mapped two other hosts (who are using Windows Vista). I'm trying to map the last client, the Montreal PC (using Windows XP Pro). I'm using Log Me In IT Reach to remotely do this, as I can not travel to Montreal.

When I login to the remote client, I have network connectivity no problem. I can ping hosts, open webpages, etc. I added the VPN as a new network connection, specified the dns for my vpn (just like on the other clients), and enter the group user name and password to connect to our VPN.

After the VPN connects, and Log Me In IT Reach Remote Control comes back on, I see that the LAN is connected, and the VPN is connected through ipconfig /all. However, at this point, I can not ping hosts, I can't open webpages, but I can put in the local IP of the server location where our network drives are located in Toronto.

I ran the network diagnostics and it restored connectivity to the internet and I could open and ping hosts, but then I can't access my VPN resources even though it reports it's still connected.

It seems I can access one or the other, the web or the VPN. I checked the Linksys Etherfast router (which is the remote client's default gateway) and it doesn't appear to be making any blocks.

Last thing I was going to try before the network connection over Log Me In went offline, was to gracefully disconnect and reconnect the VPN and see now that after the internet is restored, if my VPN just needs to be reconnected.

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

subnet?

by Jay217 In reply to Remote VPN Client Configu ...

Sounds like you may have the same subnets on both networks. When you do the ipconfig /all both connections need to have different IP ranges otherwise the local one will get confused.

Its usually easier to change the subnet for the individual user instead of the company.

The next thing to check would be permissions for that user on the machine the mapped drivers are on.

Hope that helps!

Collapse -

Re: subnet?

by Mikael21 In reply to subnet?

I'm logging into the host using the Administrator account. This would have ultimate permission.

How is it even authenticating my login if the computer isn't actually on the same network as the domain controller. The domain is specified as part of System Properties, but its in Montreal, not Toronto's office where our Domain controller is.

If the subnets are the same, for the LAN adapter, and the PPTP VPN adapter, which adapter do i change the subnet on? I know the subnet we specified on the VPN router in Toronto (our now new default gateway to give it top visibility) is 255.255.255.255. If the LAN Ethernet adapter for the remote host has the same subnet, then do I change it on the LAN?

This is the only host giving me these problems. Every other host has been very easy.

Collapse -

DNS Suffix

by Nimmo In reply to Remote VPN Client Configu ...

Is this remote machine a domain member? IF it isn't you will need to add a DNS suffix of the domain into the TCP/IP configuration on the remote machine:

control panel>network and internet connections>internet connections>(network adapter)

Right click the adapter and select properties>highlight TCP/IPv4 and select properties.

In the general tab select advanced> then the DNS tab>click the append these DNS suffix's and add the local domain into it.

Collapse -

Re: DNS Suffix

by Mikael21 In reply to DNS Suffix

Hi,

The computer originally belonged to a domain. It was taken out of our office and moved to a new field office. I think there is maybe only 1 or 2 more computers plus that one out in the field office. I'm considering removing it from the domain and just putting it on a default workgroup. That variable wasn't present on the two successfully configured laptops I've already setup. That could be preventing the problem I think.

When the person turns the computer back on, I'll view his desktop remotely, run an ipconfig /all and post up what I have. This will be after I confirm that removing it from the domain and replacing it with a standard workgroup. I'm not sure if that's going to be a problem at the login screen or not tho. It shouldn't be tho right because it may be specified as part as a domain, but it's not actually on the same infrastructure as a domain.

Thanks again!

Collapse -

Another question

by Mikael21 In reply to Remote VPN Client Configu ...

Now that the VPN is setup and the remote hosts are just about configured, besides Montreal, how can I boost performance.

Once a host dials the VPN, they use the remote internet connection. Not only is our bandwidth being bottlenecked now, and being used quicker, but is there anyway to make it faster. When I access the VPN from my house where I have high-speed wireless, once I'm on the VPN, but I want to use Firefox, i notice pages take a lot longer to load. Any fixes for that?

Collapse -

Speed up connection

by Nimmo In reply to Another question

The only real way to boost connection performance is to upgrade the bandwidth. What is your connection speed (up/down) at the moment?

The most likely reason web pages are taking longer to load would be because you are most likely been proxy at the head office?

Meaning that when you connect your VPN all your communication is going to the head office before it reaches its destination.

To confirm if this open your command prompt and do a trace route to a destination and see if the packets pass through the head office's connection.

Another way to speed up your connection is to try not to use to many resources, for example if you are accessing say a database will kill the connection speed because of all the queries been sent and returned.

Do you have a terminal server at the head office? using a terminal server will allow you to access everything you need without having to download the resources to access/view/modify.

Scripts will run on the terminal server when users log in instead of running on their local machines.

I have no idea of your company's budget but I strongly suggest you look into or suggest putting in place a terminal server, that way the users connection will be quicker and they will able to work more efficient.

Also do you use exchange? if so you can setup the remote users outlook to work over the internet via HTTP.

By using outlook via the internet users don't need to open the VPN connection to access their company mail. (this will also help is saving bandwidth).

But all in all I think your best bet is to get them using terminal server if it is an option.

Collapse -

Re:

by Mikael21 In reply to Speed up connection

Hi,

I'm going to call our ISP tomorrow and the vendor of the VPN router and see what their recommendations are as well. Currently we have about 3.5 Mbps download and 762 kbps upload.

I'm not placing a VPN to access company email. I am putting in a VPN so that outside users can map network drives which contain program files necessary to applications the employees use as part of their livelihood.

The shares are all located on an external hard drive connected to our Windows Small Business Server 2003 box. There are about 20 clients in the local office which use the network shares, all mapped to their computers. That is not the problem. They are all behind the same default gateway. We have a computer in a different city that is not part of our local infrastructure so we want to map these network drives to this user as well, but across the internet. We also have a travelling user who is sometimes plugged into the office directly at her desk, and sometimes out of the office, using her home internet connection and wants to access the network drives at the head office. I thought a PPTP VPN would be the best solution here.

I've installed a VPN router at the highest point in the network after the ISP modem, so it can access anything below it, including our server which is connected to the shares. I got a DynDNS account which communicates with the DDNS account setting in our VPN router (the new default gateway in our network). I then pointed outside clients to our VPN DNS which translates to our public/external IP, and then from there, we can go travel through the network to the server, where the shares are located.

I've started to look at Log Me In Hamachi as well. What if I install Hamachi on the server computer, create a free account and a network name, and then install the software on the client computers as well. After that is setup, browse the server host from the client computer, and just map the network drives that way? I'm beginning to doubt the power of our hardware VPN solution and possibly consider a software based VPN instead. I just don't know how to explain to my client as well how I've spent 3 weeks devising and deploying a hardware VPN, and now in one day, I want to use a software VPN instead. Oh the joys of IT consulting.

Back to Networks Forum
8 total posts (Page 1 of 1)  

Related Discussions

Related Forums