theinvisibleghost

Hi there,
I'm a complete novice in this area.
We have setup a Win2k3 box. This is connected to a router.
The router has a static IP.
The router is giving out a 192.168.1.64 address to the server through
DHCP.
I've set the router up to port forward a couple of things including
Remote Desktop, a website, and a VPN.

In the Routing and Remote Access area I set the server
to give out addresses from a static pool of 192.168.1.100 through to
110.
No other machines will be directly connecting to the network other
than the server.

I can connect to the VPN and most of the time it connects ok.
Once connected to the VPN I can remote desktop to the server using
it's
internal address and this works fine.

However If I connect using the external address odd things happen.
Occasionally the remote desktop connects instead to other
machines on the network. (Regardless of whether I myself am connected
to the VPN)

The website is also having difficulties. Sometimes it connects OK.
Sometimes (Very often) nothing comes up..

Is this because I've forced the two networks to co-exist, the VPN and
the Router?
Any help would be much appreciated.
Cheers,
Chris.

theinvisibleghost

Forgot to add, is there anyway to get the VPN to get
addresses from the router, instead of using it's own
DHCP server?

kurt

First of all, whenever you forward a port to an IP address, that IP
address needs to be static, not a DHCP address. Change your router to
give out a scope large enough for your local LAN, lets say you need 40
IP addresses, the router is .1 and it gives out DHCP addresses from .10
to .50. Your server should be assigned a static IP address outside the
DHCP scope, say .99. The server should also be set to give VPN clients
an address from a static pool outside the DHCP scope, say 100 - 110.
Your router should be set to forward to .99 for RDP, PPTP, etc.

When a remote client is connected to the VPN, if the clients network
advanced options (for the VPN adapter) are set to "use default gateway
on remote network" (the default), you likely will have to RDP to the
server's internal address. If no routing is required to access other
subnets once the VPN is connected, you can uncheck the "use default
gateway on remote network" box on the client, then you should be able to
RDP using either the internal or external address.

....kurt

theinvisibleghost

OK the server's now on a static address.192.168.1.64.
I've turned DHCP off on the router altogether. There's only the
server directly connected to the lan.
The VPN clients select from a pool 192.168.1.100 -> 110
Still we have this peculiar problem where when a VPN Client connects,
odd things start happening. The port forwarding on the router
seems to get confused and start forwarding to the VPN clients
rather than the server. Despite the fact it's got a static IP Address
to forward to. This brings down our support forum,
and makes connecting to the VPN very difficult.

My boss is getting fed up of not being able to connect, and I
think has ordered a VPN router now, so I think I've run out
of playtime. I'm just curious as to what could cause this however.
I'm wondering if the routers not working correctly.
It's a BT Business Hub and it's got a seriously bad UI to it.

theinvisibleghost

OK £200 later and an expensive man with a suite and we
have a shiny VPN Router...
And I've realised what the problem is... to late...
and the VPN Router didn't solve it.

To stop other people making the same folly I'll post what happened
here!
While I was setting up the VPN to use the 192.168.1.x addresses
what I didn't consider was that the other guys which would be
connecting
to the VPN also had a network with exactly the same addresses.

Everytime they connected to the VPN the networks colided in a horrible
clash
of bits, and everything fell to pieces.

Instead of paying man in shiny suite to resolve our problems
all I really need have done is change the VPN to use something more
obscure and everything would have worked fine.

Don't tell the boss!