[isalist] Re: Problems with VPN from a VISTA client
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Thu, 8 Feb 2007 07:37:17 -0800
Didn't you say what?
Were you speaking?
:-p
________________________________
From: isalist-bounce@xxxxxxxxxxxxx on behalf of Thor (Hammer of God)
Sent: Thu 2/8/2007 6:29 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Problems with VPN from a VISTA client
Didn't I say all that??? ;)
t
On 2/7/07 2:25 PM, "William Holmes" <wtholmes@xxxxxxxxxxxxxx> spoketh to all:
Hello,
Under Windows XP the default gateway was not set to 0.0.0.0 when you
did an ipconfig command. Under Vista it is set differently. At any rate it
turns out that I had the network setting configured to be a public rather
private network. After changing that I am able to connect through my VPN
connection.
The change in the default gateway was the only obvious difference
between the network setup which is why I was questioning it.
Bill
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Dan Bartley
Sent: Wednesday, February 07, 2007 3:09 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Problems with VPN from a VISTA client
I could be wrong in interpreting this, but...
You only set Use Remote Default Gateway for a VPN if you are trying to
prevent Internet access through the NIC on the client while connected to the
VPN, which without some static routes on the remote end means no Internet while
connected to the VPN. At least in RRAS on a network using a different switch or
firewall from the VPN server for external access, I'm not sure if you can even
do the static route on ISA to allow a route back out the external interface.
Setting Default Gateway will have no effect on the VPN traffic either way, as
Thor said, that is routed through the IP of the VPN interface.
Best Regards,
Dan Bartley
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thor (Hammer of God)
Sent: Wednesday, February 07, 2007 14:11
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Problems with VPN from a VISTA client
The Vista VPN client does not set the "default gateway" on the
interface config when you establish the VPN connection. Rather, it sets the
routing table's 0.0.0.0 mask 0.0.0.0 destination to a low metric with the
gateway set to "on-link" which is functionally the same thing on a "single VPN"
connection. This is to better support multi-VPN / Multi-protocol (ipv4 and
ipv6) clients in complex networks while maintaining "security zone" settings.
The "on-link" interface maintains security zone configurations where a standard
gateway/interface default gateway won't.
When you connect, check your routing table ("route print") and you'll
see the on-link gateway set to the interface ip given by your server.
I'd say you've got some other configuration issue. What exactly
doesn't work?
t
On 2/6/07 1:53 PM, "William Holmes" <wtholmes@xxxxxxxxxxxxxx> spoketh
to all:
Hello,
I know this is slightly off topic but...... I am having trouble
connecting to my ISA 2004 server from my Vista Client. I have the connection
configured to use the default gateway on the remote network. However the
default route for the (VPN PPP) adapter is never set. The adapter is assigned a
IP address and a Network Mask but no default route. Under Windows XP a default
route is assigned to the adapter so IP traffic can flow. I have never had any
trouble with my XP clients.
Can anyone explain to me how to fix this problem. Not being able to use
VPN networks is a real problem.
This is Windows Visa Ultimate. Connecting to ISA2004. XP clients work
fine.
Thanks
Bill
All mail to and from this domain is GFI-scanned.
Other related posts:
