[isalist] Re: Problems with VPN from a VISTA client

• From: "Dan Bartley" <bartleyd@xxxxxxxxxxxxxxxxxxx>
• To: <isalist@xxxxxxxxxxxxx>
• Date: Wed, 7 Feb 2007 15:09:21 -0500

I could be wrong in interpreting this, but...

 

You only set Use Remote Default Gateway for a VPN if you are trying to
prevent Internet access through the NIC on the client while connected to
the VPN, which without some static routes on the remote end means no
Internet while connected to the VPN. At least in RRAS on a network using
a different switch or firewall from the VPN server for external access,
I'm not sure if you can even do the static route on ISA to allow a route
back out the external interface. Setting Default Gateway will have no
effect on the VPN traffic either way, as Thor said, that is routed
through the IP of the VPN interface.

 

Best Regards, 

Dan Bartley

 

From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Thor (Hammer of God)
Sent: Wednesday, February 07, 2007 14:11
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Problems with VPN from a VISTA client

 

The Vista VPN client does not set the "default gateway" on the interface
config when you establish the VPN connection.  Rather, it sets the
routing table's 0.0.0.0 mask 0.0.0.0 destination to a low metric with
the gateway set to "on-link" which is functionally the same thing on a
"single VPN" connection.  This is to better support multi-VPN /
Multi-protocol (ipv4 and ipv6) clients in complex networks while
maintaining "security zone" settings.  The "on-link" interface maintains
security zone configurations where a standard gateway/interface default
gateway won't.

When you connect, check your routing table ("route print") and you'll
see the on-link gateway set to the interface ip given by your server.  

I'd say you've got some other configuration issue.  What exactly doesn't
work?

t


On 2/6/07 1:53 PM, "William Holmes" <wtholmes@xxxxxxxxxxxxxx> spoketh to
all:

Hello,
 
I know this is slightly off topic but...... I am having trouble
connecting to my ISA 2004 server from my Vista Client. I have the
connection configured to use the default gateway on the remote network.
However the default route for the (VPN PPP) adapter is never set. The
adapter is assigned a IP address and a Network Mask but no default
route. Under Windows XP a default route is assigned to the adapter so IP
traffic can flow. I have never had any trouble with my XP clients. 
 
Can anyone explain to me how to fix this problem. Not being able to use
VPN networks is a real problem.
 
This is Windows Visa Ultimate. Connecting to ISA2004. XP clients work
fine.
 
Thanks
 
Bill



 

• Follow-Ups:
  • [isalist] Re: Problems with VPN from a VISTA client
    • From: William Holmes

• References:
  • [isalist] Re: Problems with VPN from a VISTA client
    • From: Thor (Hammer of God)

Other related posts:

• » [isalist] Problems with VPN from a VISTA client
• » [isalist] Re: Problems with VPN from a VISTA client
• » [isalist] Re: Problems with VPN from a VISTA client
• » [isalist] Re: Problems with VPN from a VISTA client
• » [isalist] Re: Problems with VPN from a VISTA client
• » [isalist] Re: Problems with VPN from a VISTA client
• » [isalist] Re: Problems with VPN from a VISTA client
• » [isalist] Re: Problems with VPN from a VISTA client
• » [isalist] Re: Problems with VPN from a VISTA client
• » [isalist] Re: Problems with VPN from a VISTA client
• » [isalist] Re: Problems with VPN from a VISTA client
• » [isalist] Re: Problems with VPN from a VISTA client

1. Home
2. isalist
3. Archive
4. 02-2007

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---