Jump to content



Photo

VPN something XP can do that 7 can't.

vpn xp windows

  • Please log in to reply
42 replies to this topic

#1 +PeterUK

PeterUK

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 26-March 07

Posted 25 April 2014 - 16:55

So I'm wondering if someone knows the reason for this because it just seems odd.

 

With a setup of two NIC one is WAN and is LAN and ICS WAN to LAN and setup a Windows as a incoming VPN server with a IP range in ICS.

 

What XP can do is a client can connect to the VPN server for XP as a default gateway and use the internet. But setup in the same way in 7 is a client connects to the VPN server for 7 as a default gateway but no internet.

 

Why is that? thanks

VPN%20something%20XP%20can%20do%20that%2




#2 Phemo

Phemo

    Neowinian Senior

  • Joined: 04-February 04

Posted 25 April 2014 - 17:09

Haven't played around with a 2 NIC solution in XP, but I have had Windows 7 working as a PPTP VPN server before with no problem.  The only thing I found I had to do is manually assign an IP range for VPN clients to use (under TCP/IP settings in Incoming Connections) instead of leaving it set to DHCP.  With that I have had connections coming in with the use default gateway option ticked and all has worked fine whereas it wouldn't work when set to DHCP.  Have you tried that yet?

 

Actually scratch that, first I should ask if the connected clients are getting an IP address that you'd expect them to get?



#3 OP +PeterUK

PeterUK

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 26-March 07

Posted 25 April 2014 - 17:20

Sure I'm getting a VPN connection over PPTP and even a self signed cert over L2TP/IPSec but no internet over the VPN server and with XP as the VPN server you can get internet with default gateway option ticked for the client but not with 7 as the VPN server.



#4 TPreston

TPreston

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 18-July 12
  • Location: Ireland
  • OS: Windows 8.1 Enterprise & Server 2012R2/08R2 Datacenter
  • Phone: Nokia Lumia 1520

Posted 25 April 2014 - 17:52

Run ipconfig /all on the 7 installation. Most of these issues are caused by incorrect static addressing.



#5 OP +PeterUK

PeterUK

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 26-March 07

Posted 25 April 2014 - 18:21

ipconfig /all from windows 7

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : _
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel 21140-Based PCI Fast Ethernet Adap
er (Emulated)
   Physical Address. . . . . . . . . : 00-68-9D-7F-74-44
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 82.36.206.233(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.254.0
   Lease Obtained. . . . . . . . . . : 25 April 2014 14:22:07
   Lease Expires . . . . . . . . . . : 02 May 2014 14:22:03
   Default Gateway . . . . . . . . . : 82.36.206.1
   DHCP Server . . . . . . . . . . . : 62.253.131.201
   DNS Servers . . . . . . . . . . . : 127.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel 21140-Based PCI Fast Ethernet Adap
er (Emulated) #2
   Physical Address. . . . . . . . . : 00-24-2D-5F-34-33
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.137.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Enabled

PPP adapter RAS (Dial In) Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : RAS (Dial In) Interface
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.137.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{9615A284-8CAC-4FFD-A374-D7F8B8ED7B49}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{8E89C79D-B054-4EE0-9062-D8E232083ADF}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2002:5224:cee9::5224:cee9(Preferred)
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 127.0.0.1                                
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{6E06F030-7526-11D2-BAF4-00600815A4BD}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Windows 7 sets the LAN NIC ICS to 192.168.137.1 which I changed to 192.168.137.2 in XP VPN ICS setup its 192.168.0.1 changed to 192.168.137.2 either way ICS works for the LAN but the main problem is no internet over the VPN from 7 that XP VPN server can do. 

I have tried setting IPEnableRouter in regedit that does not help.

 

In XP the Node Type is listed as unknown.



#6 TPreston

TPreston

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 18-July 12
  • Location: Ireland
  • OS: Windows 8.1 Enterprise & Server 2012R2/08R2 Datacenter
  • Phone: Nokia Lumia 1520

Posted 25 April 2014 - 18:35

Whats up with the 127.0.0.1 dns ? Is it an internal dns server ? If so you should specify it on the internal NIC and configure the forwarders eg

 

Ethernet adapter DMZ Network:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter #4
   Physical Address. . . . . . . . . : 00-15-5D-13-4D-02
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.0.2.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.0.2.1
   NetBIOS over Tcpip. . . . . . . . : Disabled

 

Ethernet adapter Server network:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter #3
   Physical Address. . . . . . . . . : 00-15-5D-13-4D-00
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.0.0.21(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 10.0.0.11
                                       10.0.0.12

   NetBIOS over Tcpip. . . . . . . . : Disabled

 



You can try to ping 8.8.8.8 or the 82.36.206.233 from a vpn client to eliminate dns being the cause.



#7 OP +PeterUK

PeterUK

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 26-March 07

Posted 25 April 2014 - 18:45

Whats up with the 127.0.0.1 dns ? Is it an internal dns server ? If so you should specify it on the internal NIC and configure the forwarders eg

I got Bind running and even if a set a DNS for the client to use like 8.8.8.8 that dose not help

 

 

You can try to ping 8.8.8.8 or the 82.36.206.233 from a vpn client to eliminate dns being the cause.

 

can ping 192.168.137.3 not 8.8.8.8 or the 82.36.206.233 from a vpn client



#8 TPreston

TPreston

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 18-July 12
  • Location: Ireland
  • OS: Windows 8.1 Enterprise & Server 2012R2/08R2 Datacenter
  • Phone: Nokia Lumia 1520

Posted 25 April 2014 - 18:58

Then that just leaves NAT/ICS since you are using RRAS you could disable ICS entirely and have RRAS do the NAT.

 

http://technet.micro...y/dd458971.aspx



#9 OP +PeterUK

PeterUK

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 26-March 07

Posted 25 April 2014 - 20:02

I don't seem to have that option in windows 7 pro



#10 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 89
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 25 April 2014 - 23:38

Ok lets get some basic info here, what IP is the remote box getting?  What IP does it have on its network? 

 

How about just doing a traceroute

 

example

C:\>tracert -d 8.8.8.8                              
                                                    
Tracing route to 8.8.8.8 over a maximum of 30 hops  
                                                    
  1    <1 ms    <1 ms    <1 ms  192.168.1.253       
  2    19 ms    21 ms    30 ms  24.13.xx.xx     
  3    11 ms    11 ms    10 ms  68.85.131.153     

 

And see if you go down the vpn even.



#11 OP +PeterUK

PeterUK

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 26-March 07

Posted 26 April 2014 - 09:17

For the VPN the client gets 192.168.137.4

 

VPN connected tracert -d 8.8.8.8

Tracing route to 8.8.8.8 over a maximum of 30 hops

  1     1 ms     1 ms     1 ms  192.168.137.3
  2     *        *        *     Request timed out.
  3     *        *        *     Request timed out.
  4     *        *        *     Request timed out.
  5  ^C

 

VPN not connected tracert -d 8.8.8.8

Tracing route to 8.8.8.8 over a maximum of 30 hops

  1     1 ms    <1 ms    <1 ms  192.168.137.2
  2     *        *        *     Request timed out.
  3     9 ms     7 ms    10 ms  62.252.175.225
  4     9 ms    10 ms     8 ms  81.96.0.153
  5    11 ms    13 ms    10 ms  81.96.0.145
  6    11 ms    11 ms    11 ms  212.250.14.202
  7    21 ms    21 ms    22 ms  72.14.198.97
  8    17 ms    17 ms    17 ms  209.85.255.76
  9    15 ms    15 ms    19 ms  209.85.244.240
10    21 ms    22 ms    20 ms  72.14.232.134
11    23 ms    21 ms    21 ms  216.239.49.45
12     *        *        *     Request timed out.
13    22 ms    24 ms    21 ms  8.8.8.8

Trace complete.

 

Has anyone done this setup in windows 7 pro for testing?



#12 TPreston

TPreston

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 18-July 12
  • Location: Ireland
  • OS: Windows 8.1 Enterprise & Server 2012R2/08R2 Datacenter
  • Phone: Nokia Lumia 1520

Posted 26 April 2014 - 09:34

Then its a NAT issue

 

I don't seem to have that option in windows 7 pro

What are you using for the vpn ? I thought you already had routing and remote access enabled if not you enable it in the program and features section of the control panel its the same as the windows server guide for nat and vpn then



#13 OP +PeterUK

PeterUK

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 26-March 07

Posted 26 April 2014 - 10:20

What are you using for the vpn ? I thought you already had routing and remote access enabled if not you enable it in the program and features section of the control panel its the same as the windows server guide for nat and vpn then

Its the windows 7 VPN and yes routing and remote access is enabled the link you gave Applies To: Windows Server 2008 R2.



#14 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 89
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 26 April 2014 - 10:40

Why is when on the vpn is network the same as when not on the vpn?  Your first hop is just .3 vs .2 ??

 

He should be getting an IP on the remote network..

 

Where did you come up with 192.168.137??

 

And your vpn server is directly on the public internet - your not behind a router?

 

IPv4 Address. . . . . . . . . . . : 82.36.xx.xx(Preferred)

 

so for example - just setup vpn on one of my VMs that is on a different network segment..  Bing bang zoom I am using the internet through its connection

 

PPP adapter VPN Connection:                                                 
                                                                            
   Connection-specific DNS Suffix  . :                                      
   Description . . . . . . . . . . . : VPN Connection                       
   Physical Address. . . . . . . . . :                                      
   DHCP Enabled. . . . . . . . . . . : No                                   
   Autoconfiguration Enabled . . . . : Yes                                  
   IPv4 Address. . . . . . . . . . . : 192.168.3.201(Preferred)             
   Subnet Mask . . . . . . . . . . . : 255.255.255.255                      
   Default Gateway . . . . . . . . . : 0.0.0.0                              
   DNS Servers . . . . . . . . . . . : 192.168.3.253                        
   NetBIOS over Tcpip. . . . . . . . : Enabled                              
                                                                          

C:\>tracert -d 8.8.8.8                            
                                                  
Tracing route to 8.8.8.8 over a maximum of 30 hops
                                                  
  1     1 ms     1 ms     1 ms  192.168.3.202     <--- this is vpn server IP
  2     1 ms     1 ms     1 ms  192.168.3.253     <--- this is gateway on that network
  3    25 ms    25 ms    29 ms  24.13.xx.xx      
  4    12 ms    14 ms    11 ms  68.85.131.153   

 

Currently using neowin while connected this way.  Here is my vpn clients normal network interface

 

C:\>ipconfig /all                                                                  
                                                                                   
Windows IP Configuration                                                           
                                                                                   
   Host Name . . . . . . . . . . . . : i5-w7                                       
   Primary Dns Suffix  . . . . . . . : local.lan                                   
   Node Type . . . . . . . . . . . . : Broadcast                                   
   IP Routing Enabled. . . . . . . . : No                                          
   WINS Proxy Enabled. . . . . . . . : No                                          
   DNS Suffix Search List. . . . . . : local.lan                                   
                                                                          
Ethernet adapter Local:                                                            
                                                                                   
   Connection-specific DNS Suffix  . :                                             
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet      
   Physical Address. . . . . . . . . : 18-03-73-B1-0D-D3                           
   DHCP Enabled. . . . . . . . . . . : No                                          
   Autoconfiguration Enabled . . . . : Yes                                         
   IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)                    
   Subnet Mask . . . . . . . . . . . : 255.255.255.0                               
   Default Gateway . . . . . . . . . : 192.168.1.253                               
   DNS Servers . . . . . . . . . . . : 192.168.1.253                               
   NetBIOS over Tcpip. . . . . . . . : Enabled                                   

 

 

so on the vpn machine

 

PPP adapter RAS (Dial In) Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : RAS (Dial In) Interface
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.3.202(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Enabled

 

This is really just click and done - no weird setting to change or anything.  But from what you have posted your vpn machine has a public IP, and then you came up with this 192.168.137 network??  Which is the same network as your remote network?  And your vpn machine would have to nat the vpn connection, which doesn't happen - normally the vpn client just gets an IP on the vpn servers network.



#15 TPreston

TPreston

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 18-July 12
  • Location: Ireland
  • OS: Windows 8.1 Enterprise & Server 2012R2/08R2 Datacenter
  • Phone: Nokia Lumia 1520

Posted 26 April 2014 - 11:37

Its the windows 7 VPN and yes routing and remote access is enabled the link you gave Applies To: Windows Server 2008 R2.

Its the same thing though just setup nat with routing and remote access, It will probably solve your issue ICS isn't dependable.