Windows 2003 VPN Internet Browsing

[rawshan]

I have a very simple problem and I know the solution is around the corner.
My Scenario:
I have a Windows server (single NIC) hosted in a datacenter with 5 public IP assigned to it. I want to make it a vpn server and a router for secured internet browsing for all vpn clients. VPN clients will dial up the server and send all internet traffic through the server for secured net browsing.

I already setup VPN server configuration through RRAS with custom configuration with static IP pool. I also create Active directory user with dialin access permission for windows authentication. Everythings seems fine and my vpn clients can connect to the server using PPTP. But the problem arose with browsing. When I check "Use Remote Computer Default gateway" setting checked to throw all the traffic through the VPN server, it does not work. But I can still ping both public and vpn assigned ip to the server. I know I am missing something regarding TCP/IP forwarding. I also tried with NAT enabled at the server but no luck. LAN and demand dial routing also enabled at the server. I also edited registry for and did IPEnableRouter flag to on. NO luck at all..

Help will be apprciated..

Rawshan

 

[gavm99]

I would start with the basics here. When you connect to the VPN can you ping

http://www.bbc.co.uk

? Can you ping 212.58.253.72 ?

Gavin Moorhouse

http://www.lucidcomputersolutions.co.uk

 

[rawshan]

Hello Gavin Moorhouse,
Thank you for looking at my problem.
No I cant ping either of them

http://www.bbc.co.uk

and 212.58.253.72
I found another strange phenomena, when I install both VPN and LAN routing simultaneously in the server, clients could connect to the server but cant send anything to the server even cant ping private IP 10.10.10.1 which is assigned to the server by RRAS, but can browse at the client end as all the traffic goes throgh the existing connection.

Thanks
Rawshan

 

[gavm99]

Ok how about this then..........

Are you able to remove RRAS and start again with it? I would suggest uninstalling RRAS and then putting it back on BUT only choose to setup a Remote Access Server when you are configuring it.

When you have it as just a Remote Access Server ensure you local clients are ok. Once you have happy with them try a remote client using the remote gateway - what can they ping?

Thanks.

Gavin Moorhouse

http://www.lucidcomputersolutions.co.uk

 

[rawshan]

Thanks for your reply
Yes i just reinstall only with the VPN access server. But same problem, once connected, I can only ping the server nothing else.

Thanks

 

[gavm99]

Ok and I assume the server itself can access the Internet ok?

Gavin Moorhouse

http://www.lucidcomputersolutions.co.uk

 

[rawshan]

Definitely, as the server is hosted in SAVIS datacenter and I am accessing that remotely.

Thanks
Rawshan

 

[burtsbees]

Are you in St. Louis, MO by chance?

Burt

 

[rawshan]

NO i am not .. I was in Wichita for quite sometimes.. YOU??

Rawshan

 

[rawshan]

Thanks everybody for your responses here. I really appreciate it.
I finally figured this out. Server's gateways was rejecting request from private ips from VPN client. I needed to assign public IP from RRAS IP pool to the VPN clients given from the datacenter instead of private ip(which only works in NAT scenario). I will try to see whether I could make it to work VPN+NAT scenario. If I had any luck I will post it here.

Thanks
Rawshan