Been Googlewhacking all morning over this!
When our previous VPN server decided to disappear off the edge of the virtual world I set up RRAS on a spare server pretty much as before (still debating if I really needed the VPN with NAT option) but started having issues with external users not being able to connect to the Internet while on VPN.
A quick search shows that it's by design of the VPN client for security. Quick fix was to disable the "Use VPN Connection Default Gateway" ...great I think... but then read the security implications and don't feel so comfortable with it now...
Tried all different ways to get Internet through the VPN connection but the only joy is with a proxy set in IE and our IPCop firewall set to transparent proxy. Works OK and might be a better solution but I can't help thinking there must be another way?
Rough setup is...
- server with 2 NICs
- one for VPN inbound (port filtered at firewall and forwarded to this NIC). No default gateway on this one
- one is the main internal connection and used for all other services etc. Default gateway set to main firewall
- static address pool for IPs (no DHCP relay agent)
I was wondering if using the relay agent if it would set the default gateway but from what I read I think it would make no difference as the VPN replaces it with its own internal gateway to make the connection (although I may be wrong here?)
Already had to set the DNS suffix on the VPN client connection as it wasn't picking that up correctly, no biggie but annoying nonetheless.
Anyone managed to get this panacea working or is it proxy setting time?
P.S. TS RemoteApp sounds so tempting after all this!!!
Last edited by gshaw; 15th October 2009 at 02:40 PM.
There are currently 1 users browsing this thread. (0 members and 1 guests)