This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

L2TP and PPTP VPN Routing Issue (Maybe)

Hello all!  I'm having trouble with my VPN configuration on my system.  First, some essential information:

Astaro Version: 7.509
Internal Network: 192.168.0.1/24
Web Security is Enabled, but I have exceptions defined for both the Internal Network, and all of the VPN pools (I only want the Web Security to "interfere" with the DMZ network, where I have my open WiFi access point attached).
DNS: I have the Internal Network and the VPN pool set to allowed networks, and the Astaro's internal IP address configured in the Remote Access -> Advanced screen.

So, here's the story:

I set up a L2TP VPN following the guides in the Support area, using the default VPN pool addresses.  Unfortunately, with it configured that way, I am NOT able to access or Ping any internal machines EXCEPT for the Astaro box itself.  In other words, I can ping 192.168.0.1 and that works fine, but I cannot ping or access any other systems on my internal network (eg 192.168.0.20).

DNS resolving works fine.  So, if I try to resolve the hostname of that 192.168.0.20 box, it gives me the proper address.  I just can't access it.

I believe I have the packet filter rules set up properly, but I really can't be sure.  I have one rule that is VPN Pool (L2TP) -> Any -> Any, and another that is Internal Network -> Any -> VPN Pool (L2TP).

However... If I change the settings for the VPN Pool definition to 192.168.0.0/24, then suddenly the VPN works perfectly.  I can access internal network resources, ping everything I want, and everything is wonderful.  However, I know this isn't "right" but I don't know why it doesn't work the other way.  I suspect the problem is routing or gateway related.

The client machine is a Windows 7 64-bit laptop, though I've also tried with a Vista 32-bit machine.  I'm using a Preshared Key style L2TP connection because I also want to connect my iPhone.  The same thing is true on the iPhone, though (it only works if I change the pool definition).

I've also tried setting up a PPTP connection and it works the same way.  If I use the default definition for the Pool (or change it to something like 192.168.40.0/24), then I'm unable to access anything internal.

I did notice that on the client end, if I check ipconfig after connecting, the address it gets for the VPN interface shows:

IP: something in the pool range
Netmask: 255.255.255.255
Gateway: 0.0.0.0

I'm not sure if that's right.  The VPN connection is configured basically to the defaults in Win7, though I did switch the type to L2TP and entered in my Preshared key.

Again, the VPN tunnel connects fine in all cases.  I just can't access my internal network with it.

This thread was automatically locked due to age.

Parents

0 Blackbird_71 over 13 years ago

I am also having similar issue.
IP: something in the pool range
Netmask: 255.255.255.255
Gateway: 0.0.0.0

I can ping any device on my primary network(10.10.10.0/25)
but not by name, nor can I access any device.
Cancel
Vote Up 0 Vote Down

Cancel
0 gatorbyte over 13 years ago in reply to Blackbird_71

I have the same problem all are connecting to the Astaro but none are able to access any computers on the local LAN with default PPTP IP.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 gatorbyte over 13 years ago in reply to Blackbird_71

I have the same problem all are connecting to the Astaro but none are able to access any computers on the local LAN with default PPTP IP.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data