On 1 Nov 2005 at 11:25, Joe Pruett wrote:
on the windows box deep in the network properties for the vpn you'll find the 'use default gateway on this interface' or something very much like that. uncheck that and then regular internet traffic will not go over the vpn.
Thank you. I found a fairly well written faq on what can go wrong with vpn, which of course I cannot find at the moment. The basic problem with my setup as originally given is that VPNs cannot connect over IPs belonging to the same netblock as the physical NICs. So the client end has to have an IP address assigned by the pptpd that is on a different netblock from that assigned to its NIC.
I changed the client side IP address asignment and I can now get a VPN link to the PPTPD host, but I cannot get a route off that box. Once I get past that problem then I will post a summary of whaI did. This is evidently a routing issue, as you have pointed out, but one that is probably a by product of some configuration error I have made to the pptpd options.
Regards, Jim
James B. Byrne wrote on Tue, 01 Nov 2005 23:53:36 -0500:
Thank you. I found a fairly well written faq on what can go wrong with vpn, which of course I cannot find at the moment. The basic problem with my setup as originally given is that VPNs cannot connect over IPs belonging to the same netblock as the physical NICs.
Just for the record, they *can* connect. But it won't change the routing.
Kai
On Wed, 2005-11-02 at 05:31, Kai Schaetzl wrote:
James B. Byrne wrote on Tue, 01 Nov 2005 23:53:36 -0500:
Thank you. I found a fairly well written faq on what can go wrong with vpn, which of course I cannot find at the moment. The basic problem with my setup as originally given is that VPNs cannot connect over IPs belonging to the same netblock as the physical NICs.
Just for the record, they *can* connect. But it won't change the routing.
It doesn't make any sense to change 'routing' when you are on the same broadcast network with both addresses. That is, the IP handed back for the PPTP endpoint is going to have an address within the same netmask as your ethernet card so there is no reason to prefer it, and if it did, you would need an exception for the source/destination of the tunnel (and at both ends...).
Les Mikesell wrote on Wed, 02 Nov 2005 10:01:32 -0600:
It doesn't make any sense to change 'routing' when you are on the same broadcast network with both addresses.
I take this as an expansion of my posting? I didn't say it makes sense ;-) I just wanted to explain that the fact that he uses IP addresses from the same segment is not the cause of the problem if he can't even establish that PPTP tunnel.
Kai
-
James B. Byrne -
Kai Schaetzl -
Les Mikesell