Search : in
By :

VPN Connects but no remote LAN access

Last answer on Sep 24, 2009 1:01:05 am BST Redeemer, on Feb 10, 2009 8:17:07 pm GMT 
 Report this message to moderators

Hello,

This just started happening about two weeks ago. I connect to a client site using Microsoft VPN client (pptp). THis has worked for well over a year until two weeks ago. Now when I try and connect I establish a tunnel but cannot access resources on the remote LAN whether by IP address or UNC, hostname, etc. After about 30 to 60 seconds the tunnel disconnects without error or notification. I have this problem on 3 of my office PCs and also if I try this from my server.

Here's where it gets strange - I have two other PCs in my home office that are on the same LAN as my business machines and they CAN establish a VPN tunnel to my customer's office and ping all devices on the remote LAN! They have the same OS (Windows XP Pro SP3) as the machines that are not successful.

Normally I wouldn't care if I couldn't reach their network remotely as I have other means of connecting, but this client has remote users and the same problem I have has happened to one of their remote users. So now I have to figure it out. I'm not sure what other detail I need to provide. I'm wondering if a new Microsoft patch has had some affect or not.

Some things I have tried:
Removing the VPN connection and adding it again
Run a repair on the NIC
Flush DNS
firewalls are disabled on all machines
unchecked and removed tcpip from NIC. Reinstalled TCPIP.
Rebooted (of course)

Configuration: Windows XP Pro SP3
Office LAN 10.255.10.x
Remote LAN 172.31.0.x
Internet Explorer 7.0

Best answers for « VPN Connects but no remote LAN access » in :
Unable to connect the printer , Access Denied Show Unable to connect the printer , Access Denied Issue Solution Issue Under Windows 2000/XP based environment ,whenever i try to take printing from my network printer (printer attached to other windows based system) , I was prompted by ...
[LAN] - Finding another computer’s name using IP Show[LAN] - Finding another computer’s name using IP Issue Solution Issue I need to find the computer name of one PC connected in LAN (joined to domain). I have the IP address of terminal. How to find the computername? Solution To...
Do you need a fix IP for remote connection? ShowDo you need a fix IP for remote connection? Myth Truth How does it work? An Internet Service Provider will usually provide a user with a fix IP address that cannot be changed by the user himself. This number is used by another...
LAN, Internet connection: choosing your router ShowLAN,Internet connection:Choosing your Router Intro Case 1 Case 2 Case 3 Options and features to consider Standards required for a WiFi router New Standards Intro A router comes in the shape of a box connected to your computer....
Installing a VPN server on XP ShowInterest of a VPN Setting up a virtual private network allows you to connect remote computers in a secure fashion via an unreliable (Internet) connection, as if they were on the same LAN. This procedure is used by many companies in order to allow...
Installing a VPN server in Windows XP ShowAdvantages of a VPN The set-up of a virtual private network enables the secure connection of remote computers through an unreliable connection (Internet), as if they were on the same local area network. This process is used by a variety of...
Sharing an Internet connection ShowAdvantagesIf you have a LAN (two computers or more connected in a network), of which one is connected to the Internet (via a DSL modem, cable, etc.), it may be worthwhile to make the Internet accessible to the other computers on the LAN by installing...

1

deane, on Feb 11, 2009 5:45:06 am GMT
  • +1

Hi,
it may be that you have a worm which is causing this trouble.
try running an updated anti-virus.
or you may check out this link as well:
http://en.kioskea.net/contents/pratique/vpn xp.php3

Reply to deane

2

Redeemer, on Feb 11, 2009 2:14:57 pm GMT
  • +11

I understand how to setup a VPN connection and like I said, it had been working successfully for well over a year. I appreciate the link, but that was not necessary.

I did resolve the problem but was wondering if anybody knows why my steps resolved the problem because for the life of me I don't know why this worked because it was just plain luck that I figured it out.

I have 5 office computers all running Windows XP Pro SP3. THey are all on my home office network - same subnet. They have an identical VPN configuration to one of my customers. I will refer to them as A, B, C, D and E.

A, B and C can connect to my client using VPN but cannot ping anything on the remote network. Once the connection is made these computers can't access anything on the local lan either. D and E can connect to the remote network and can ping the router and other resources on both the local and remote LAN.

The fix:
I wanted to compare the routing table of a successful and non successful connection so I was on computer A and remoted in to computer E using remote desktop. While remoted in I successfully connected to my customer using VPN. I minimized that window and then remotely accessed computer B from computer A. I then fired up a VPN connection and low and behold I was able to ping and access resources on the remote network. I couldn't believe it. I disconnected both remote desktop sessions and logged on at the console of B. I then established a VPN to my customer successfully. Computer B seemed to be "fixed". To make sure that nothing changed on the customer's end I went back to computer A and tried to make a VPN connection. I made the connection to the customer but could not ping or access resources on the remote LAN. So, I still had the problem with A and C.

I then did a remote desktop session from computer B to A and while on A established my VPN session to my customer and then everything was fixed on A. I did the same to C and now that one works as well.

Does anybody have a clue as to why this worked? Was there an easier way?

Reply to Redeemer

3

Tripping, on Apr 1, 2009 10:01:10 pm BST
  • +3

I m having same problem

What do mean by u fired up VPN ?

Reply to Tripping

5

Redeemer, on Apr 13, 2009 3:58:51 pm BST
  • +1

By "fire up" I meant start or establish my vpn connection. Sorry for the confusion.

Reply to Redeemer

4

191.191.1.3, on Apr 10, 2009 10:22:58 am BST

How i can this web based package open internert through open

Reply to 191.191.1.3

6

jing, on Apr 14, 2009 2:04:59 am BST
  • +7

I guess, what happen my laptop I just restore my laptop 2 days ago then I loss my internet connection i have a dsl cable, And I connected to my wireless it says it is connected but when i open my internet connection it wont connect i think it says local only, i am not good with this i did the diagnos turn off and on my wireless router but still not working

Reply to jing

7

rizidude, on May 13, 2009 9:32:07 pm BST

I think you ISP has stopped your internet connection.
i think it still says connected but local only.
you may of not payed your internet bill.

Reply to rizidude

8

notme, on Jul 6, 2009 5:03:53 pm BST

This site is full of morons that don't even know how to write English (or any language, really).

Reply to notme

9

veggiehead, on Jul 22, 2009 6:39:38 pm BST
  • +4

Well at least its not filled with unhelpful jerks like yourself.

Reply to veggiehead

10

notmeisanass, on Aug 18, 2009 8:08:05 am BST
  • +1

You think you are such an expert in english, just read what you have written.

Reply to notmeisanass

11

MBiehn, on Aug 28, 2009 1:54:24 pm BST

The truth is, most of posts are rather written in out-of-the-earth english but that's not a problem. The problem is, nobody came up with the solution to this issue....

Reply to MBiehn

12

MoonMan, on Sep 9, 2009 1:13:03 am BST
  • +3

I had the same issue and did a google search. Came across this post and also other posts. The solution that worked for me was the following:

Do the following in the command prompt:

route delete xx.xx.xx.xx where xx.xx.xx.xx is your LAN network id (usually xx.xx.xx.0)

Reply to MoonMan

13

pcmaximum, on Sep 24, 2009 12:56:07 am BST

The lack of connectivity is generally either vpn client configuration based, or the firewall on the local pc's that are unable to pass traffic would be the first thing i would check.

generally if a vpn client successfully connects, that means that handshake portion is over, a secure connection has been established (port 51) ... however data is unable to use this tunnel for some reason ergo port 500 is blocked or if that is not the case then the traffic is getting to the far end but not returning via the tunnel, (in this case that is not true, as 2 of the PC's are using the same configuration and most likely the same tunnel on the firewall (remote dialup clients) with traffic returning to them.

so back to basics:

1) check the client vpn configurations
a) make sure that the client is setup to "only connect manually" or has split horizon enabled.
2) check that the firewall has not blocked port 500 on the PC, if you are unable to view the blocked list, then
create an exception rule for ports 51 and ports 500 inbound and outbound.

hope this helps

Reply to pcmaximum

14

 pcmaximum, on Sep 24, 2009 1:01:05 am BST
  • +1

Woops sorry answered the wrong question, well sort of .. wrong protocol pptp uses 1723 and uses GRE 47 for the tunnel, port 50, 51 and 500 are used for IPSEC tunnels such as juniper networks and checkpoint.

sorry for the confusing, i had too many windows opened researching other and got them mixed up.

the basic premise is still correct just check for the right ports for your protocol :)

Reply to pcmaximum