VPN help...

Discussion in 'OT Technology' started by linebacker, Jul 28, 2005.

  1. linebacker

    linebacker New Member

    Joined:
    Jul 14, 2004
    Messages:
    1,005
    Likes Received:
    0
    Location:
    bay arear
    in the watchguard manager for the firebox at work, i added myself, password and everything.

    got home, i set up the VPN connection. checked windows logon domain checkbox, selected require secure password, and checked the require data encryption box. i selected automatic VPN. everything should be fine.

    i go into dos prompt and check my IP before i connect. i connect to the VPN, no problem. check my IP after connection and it's still the same as before. when i try to connect to any of the servers, i get an error saying "the specified computer could not be found. verify that you have typed the correct computer name or IP address and try again". i am sure that the server name is correct and i've tried all the servers and same error msg every time. and the servers are obviously up and running.

    what could be the problem? i am connecting fine, but my IP stays the same. i try \\servername\c$ in explorer and i get the error msg "cannot find \\servername\c$ blah blah blah"

    can anyone point me to what could be the problem? thanks!
     
  2. Rob

    Rob OT Supporter

    Joined:
    Jul 6, 2002
    Messages:
    88,626
    Likes Received:
    41
    Location:
    Atlanta, GA
    The IP of the network card will stay the same. When you do ipconfig at the command prompt there should be a new adapter (PPTP or IPSEC) that should have the IP info given out by the VPN server.

    Is that there after you connect to the VPN?
     
  3. 5Gen_Prelude

    5Gen_Prelude There might not be an "I" in the word "Team", but

    Joined:
    Mar 14, 2000
    Messages:
    14,519
    Likes Received:
    1
    Location:
    Vancouver, BC, CANADA
    And that IP given by the server should be on the same subnet as your internal LAN at your office.
     
  4. linebacker

    linebacker New Member

    Joined:
    Jul 14, 2004
    Messages:
    1,005
    Likes Received:
    0
    Location:
    bay arear
    when i'm connected, the "ethernet adapter" IP is the same as the "PPP adapter" for the connection (except mine ends with .2 and the PPP adapter ends with .252). all the other number are the same.... weird. when i am connected and i doubleclick on the connection status and go into details, server IP address shows the office's address and client IP address is mine.

    when i do "ipconfig" in dos prompt, the PPP adapter IP is not the subnet of the LAN for my office (even though that's what i'm connecting to). it shows the same as my IP (but as mentioned earlier ends with .252)

    any possible reasons why this could be?

    thank you for your help!
     
    Last edited: Jul 28, 2005
  5. 5Gen_Prelude

    5Gen_Prelude There might not be an "I" in the word "Team", but

    Joined:
    Mar 14, 2000
    Messages:
    14,519
    Likes Received:
    1
    Location:
    Vancouver, BC, CANADA
    Ok, I see what might be going on. If your home network is the same as your work network, you are going to have a problem. Typically, a work's IP range should take on the 10.x.x.x range and your home should use 192.168.x.x. The reason? If they're the same and a lookup of workserver returns an address that is on the same subnet as your home, your computer will assume it can contact that machine locally.

    You can change your own router if you'd like, but for ease of setting up other people at home, it's much easier to change your corporate network address scheme, otherwise you will run into this problem with someone else.
     
  6. linebacker

    linebacker New Member

    Joined:
    Jul 14, 2004
    Messages:
    1,005
    Likes Received:
    0
    Location:
    bay arear
    no, i'm pretty sure that's not the problem. i use residential charter high speed cable internet at home that i pay for. totally different from work where we have 2 T1 lines (i think from swbell)

    yeah, the work IP is 64.xxx.x.xxx and my home is 192.168.0.2

    other users can log on with no problem. that's why i'm sure it's a problem with some setting on my computer (surely some problem on my end)
     
  7. Rob

    Rob OT Supporter

    Joined:
    Jul 6, 2002
    Messages:
    88,626
    Likes Received:
    41
    Location:
    Atlanta, GA
    No he is saying that the IP subnet handed out by your VPN server is the same as the one your home network is using. They are both probably 192.168.0.0/24. There would be no reason for your VPN server to hand out public routable addresses, hence the private in VPN. :o

    Change your VPN server so that its address pool is something like 192.168.255.0/255.255.0.0 Hopefully all of your work machines are in a 24 bit subnet. :mamoru:
     
  8. Keyzs

    Keyzs OT Supporter

    Joined:
    Nov 3, 2003
    Messages:
    814
    Likes Received:
    0
    Location:
    Charlotte, MI
    What Watchguard firewall do you have? The SOHO's do not allow VPN's to actually do anything without the client.

    Are others able to access the network? Are you doing it as a BOVPN, MUVPN or a straight IPSEC? Which version of FSM are you using? Is there a rule to allow VPN users to access the entire internal network (or atleast the machines your trying to access?) Also, Watchguards wording is a little strange when it comes to VPN's and PPTP tunnels are you sure you are using the right one?

    The Firebox must be setup with the DNS server on the internal side of the network for name resolution to work. Try using an IP address and see if you can connect to it.

    If that fails post your IPCONFIG...

    (sorry if these are already answered, did not have time to read all)
     

Share This Page