News: This forum is now permanently frozen.
Pages: [1]
Topic: PPTP: mobile client connect, but cannot access fileserver  (Read 3076 times)
« on: January 29, 2008, 20:32:56 »
TW2007 *
Posts: 6

Hi all,

I've just installed a m0n0 router & firewall for my home network and I'm trying to configure the VPN so that mobile user can connect to my home network from anywhere. Connection is fine, but the mobile client cannot open the server share in Windows Explorer (Vista). It is able to ping the IP of the server without problems (server is on 192.168.123.252).

I have the LAN on 192.168.123.254, the VPN server on 192.168.123.50 and the VPN clients on 192.168.123.16/28. When connecting, the mobile client receives IP 192.168.123.16 or .17.

I have added a firewall rule that allows any traffic from PPTP clients to any destination. But whenever I try to open the share, I get the error "The network path was not found". Browsing the internet while connect to the VPN is no problem.

Any ideas?

Greetz
Tom
« Reply #1 on: January 30, 2008, 10:24:55 »
markb ****
Posts: 331

Where is the DNS running from?  What DNS address is the PPTP client getting? It sounds like a DNS related problem to me.  Can the PPTP client ping the server by name?
« Reply #2 on: January 31, 2008, 00:00:01 »
TW2007 *
Posts: 6

Just tried it again, the client receives an IP in the PPTP range I set, DNS servers are 192.168.123.254 (the m0n0 router) and 193.109.184.75 (one of the DNS's of my ISP). There is however no default gateway address and DHCP enabled is displayed as 'no'.

Pinging the server by name is not possible, but it's still possible to ping it by IP.

Tom
« Reply #3 on: January 31, 2008, 05:57:30 »
XIII *
Posts: 15

LAN must be on a different ip addressing scheme than the VPN server IE: LAN ip assigns IPs in the 192.168.x.x range and the VPN server assigns IPs in the 10.x.x.x range.
Example:
m0n0wall is 192.168.1.1 and all the other computers/devices are 192.168.1.2 - 192.168.1.25 with a subnet of 255.255.255.0 and the VPN server is 10.0.0.1 and all VPN users are 10.0.0.2 and up with the same subnet. All VPN users will now be able to VPN and access all shares on the remote network as well as the Internet, make sure that your firewall rules are set up properly to do this though-you have said you have done this- good.
« Reply #4 on: February 10, 2008, 11:56:57 »
TW2007 *
Posts: 6

Sorry for the late reply, I was on a ski trip...

I now changed the VPN server to 10.0.0.254 and the clients to 10.0.0.128 and up. When connected, the client receives a proper IP, but the default gateway is still blank. The subnet of the clients is 255.255.255.255 (this is different from the subnet of my home network, 255.255.255.0). I can ping the Server by IP, but still not by name.

Quote
Example:
m0n0wall is 192.168.1.1 and all the other computers/devices are 192.168.1.2 - 192.168.1.25 with a subnet of 255.255.255.0 and the VPN server is 10.0.0.1 and all VPN users are 10.0.0.2 and up with the same subnet.

When you say "same subnet", do you mean it has to be 255.255.255.0 as well? And if so, how do I change that?

Thanks for you help!

Tom
« Reply #5 on: February 12, 2008, 17:44:43 »
Lee Sharp *****
Posts: 517

LAN must be on a different ip addressing scheme than the VPN server IE: LAN ip assigns IPs in the 192.168.x.x range and the VPN server assigns IPs in the 10.x.x.x range.
Example:
m0n0wall is 192.168.1.1 and all the other computers/devices are 192.168.1.2 - 192.168.1.25 with a subnet of 255.255.255.0 and the VPN server is 10.0.0.1 and all VPN users are 10.0.0.2 and up with the same subnet. All VPN users will now be able to VPN and access all shares on the remote network as well as the Internet, make sure that your firewall rules are set up properly to do this though-you have said you have done this- good.
This is not correct.  I have 50 or so m0n0walls with the LAN ip 192.168.x.1/24 and the VPN IP 192.168.x.239 plus the next 16 IPs.  The users problem is client setup if he does not have a default gateway.  In the client (if Windows) do you have "Use default gateway on remote network" checked?
There is also a name resolution issue on the client side.  A host file, or lmhost file might help.  This has been discussed a lot on the mailing list, so searching the archives may help you.
« Reply #6 on: February 13, 2008, 20:06:17 »
TW2007 *
Posts: 6

OK, I solved my problem using the lmhost file on the windows clients, mapping the server ip with the NetBIOS name. Works perfectly now...

Thanks for your help guys!

Tom
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines