VPN Connects but no remote LAN access Solved/Closed

Question

Hello,

This just started happening about two weeks ago.  I connect to a client site using Microsoft VPN client (pptp).  THis has worked for well over a year until two weeks ago.  Now when I try and connect I establish a tunnel but cannot access resources on the remote LAN whether by IP address or UNC, hostname, etc.  After about 30 to 60 seconds the tunnel disconnects without error or notification.  I have this problem on 3 of my office PCs and also if I try this from my server.

Here's where it gets strange - I have two other PCs in my home office that are on the same LAN as my business machines and they CAN establish a VPN tunnel to my customer's office and ping all devices on the remote LAN!  They have the same OS (Windows XP Pro SP3) as the machines that are not successful.

Normally I wouldn't care if I couldn't reach their network remotely as I have other means of connecting, but this client has remote users and the same problem I have has happened to one of their remote users.  So now I have to figure it out.  I'm not sure what other detail I need to provide.  I'm wondering if a new Microsoft patch has had some affect or not.  

Some things I have tried:
Removing the VPN connection and adding it again
Run a repair on the NIC
Flush DNS
firewalls are disabled on all machines
unchecked and removed tcpip from NIC.  Reinstalled TCPIP.
Rebooted (of course)

cadbomb · Accepted Answer

I had a similar issue... What I had to do was tell the connection to not use the remote gateway to connect through internet. 

On the Windows machine :

  go to the properties of the VPN connection.
 Click on the Networking tab and double click Internet Protocol Version 4 (TCP/IPv4). 
Click Advanced and uncheck the box for "Use default gateway on remote network." 

This will route all of your local traffic through whatever network you're locally connected to, and any remote traffic through the VPN connection. 

This also assumes that you're not trying to route your internet traffic through the VPN. If you leave this option set, then you will not be able to access any local network resources without manually specifiying routes to get to them. This is the default design of VPN :D. 

I know this post is old, but I figured I'd put in what I discovered it to be, maybe it can help somebody down the road.

MoonMan · Answer

I had the same issue and did a google search. Came across this post and also other posts. The solution that worked for me was the following:

Do the following in the command prompt:

route delete xx.xx.xx.xx where xx.xx.xx.xx is your LAN network id (usually xx.xx.xx.0)

pcmaximum · Answer

The lack of connectivity is generally either vpn client configuration based, or the firewall on the local pc's that are unable to pass traffic would be the first thing I would check.  

generally if a vpn client successfully connects, that means that handshake portion is over, a secure connection has been established (port 51) ... however data is unable to use this tunnel for some reason ergo port 500 is blocked or if that is not the case then the traffic is getting to the far end but not returning via the tunnel, (in this case that is not true, as 2 of the PC's are using the same configuration and most likely the same tunnel on the firewall (remote dialup clients) with traffic returning to them.

so back to basics:

1) check the client vpn configurations
      a) make sure that the client is setup to "only connect manually" or has split horizon enabled.
2) check that the firewall has not blocked port 500 on the PC, if you are unable to view the blocked list, then 
      create an exception rule for ports 51 and ports 500 inbound and outbound.

hope this helps

BK · Answer

The reason your method worked is surely due to arp-cache!

CJ · Answer

I had the same problem with the Cisco client and after further invenstigation it turns out that the device you are connecting to can tell your PC that it is not allowed to talk to any other network, even the local one, while your VPN is active.  This is a security feature that governments, military, and some companies reuqired.  I had the administrator of the Cisco device change the settings so that I could access my local network at the same time at the VPN.

I hope this helps.

randomDrops · Answer

i find on most computers I am using clearing the arp cache fixes 90% of connection problems to the internet. - apart from manually clearing the cache by using a command code or in services, I mainly use the connection repair - double click your connection, wireless or wired then the support tab at the top of that window and then repair. fixes 90% of internet connectivity problems. if repair does not work or fails use one of the commands to clear the arp-cache manually.

VPN Connects but no remote LAN access

6 responses

Similar discussions

Subscribe To Our Newsletter!