PPTP Client succeeds in dialing in, does nothing else

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking
Author Message
stoneeh
DD-WRT Novice


Joined: 18 Mar 2011
Posts: 12

PostPosted: Sun Jul 01, 2012 16:32    Post subject: PPTP Client succeeds in dialing in, does nothing else Reply with quote
I have a Linksys E2000 configured as a client bridge. I also enabled PPTP client to be able to access my home network.

Now when I access my VPN server (a Windows Server 2008 machine) via another internet connection I have available here, it shows the PPTP client as dialed in, and that's about it. I cannot access the network my VPN server is in. I cannot even ping the IP address the PPTP client gets from the server.

Is it normal that the PPTP client from dd-wrt does connect successfully, and then goes on to offer no additional functionality at all?

Normally, when I use a VPN client to access a network, it actually allows me access to that network.
Sponsor
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 2049

PostPosted: Sun Jul 01, 2012 16:42    Post subject: Reply with quote
The dd-wrt built-in VPN client only works across the WAN, and since a client bridge doesn't use the WAN, it's not going to work.

Unfortunately the developers of dd-wrt don't make that very clear in their documentation. And so we see this issued raised again and again.
stoneeh
DD-WRT Novice


Joined: 18 Mar 2011
Posts: 12

PostPosted: Sun Jul 01, 2012 17:00    Post subject: Reply with quote
So what do you suppose the easiest solution would be? My current setup here is that I have a modem with WLAN capability (Thomson 870) set up as an AP with the E2000 connecting to it in client bridge mode, and my computer connecting to the E2000 via cable. I don't mind changing that configuration, as long as I get the VPN client to work on my E2000.. that is the top priority. Note that I also have an internal PCI WLAN adapter in my PC, so I can also connect to all devices via wireless.
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 2049

PostPosted: Sun Jul 01, 2012 17:11    Post subject: Reply with quote
Many modem+router devices can be demoted to just a modem using a feature called "bridge mode". You then connect your E2000 router's WAN to the Thomson just like any other standalone modem. And now the VPN client will work.

That would be a better configuration anyway, even if you weren't using a VPN client. Now the E2000 takes over ALL responsibilities for the local network, including NAT, firewall, port forwarding, wireless, etc. So you get what you paid for.

If “bridge mode” isn’t available/supported, you can always daisy change routers together, WAN to LAN. But now each router must have its own unique network (e.g., 192.168.1.x and 192.168.2.x). And now you’re double NAT’d and behind two firewalls, which complicates remote access a bit. But for outbound connections, it’s usually a non-issue.

If you still need the client bridge, you’ll just have to consider purchasing another router configured w/ dd-wrt.
stoneeh
DD-WRT Novice


Joined: 18 Mar 2011
Posts: 12

PostPosted: Sun Jul 01, 2012 18:51    Post subject: Reply with quote
Oooookay.. I'm kinda dizzy now, but here goes:

The E2000 is now in AP mode. It is connected via cable from its WAN port to one of the LAN ports of the modem. My computer is connected to the E2000 via WLAN.

I did not discover any possibility for bridging on my modem, so the IP configuration is now as follows:

The modem's LAN IP is 192.168.9.71. The E2000's WAN interface has 192.168.9.70, with its gateway set to 192.168.9.71 and the DNS servers to those provided by my ISP. The E2000's LAN/WLAN side is 192.168.8.70. My computer has the IP 192.168.8.11, with its gateway and DNS both set to 192.168.8.70.

The PPTP client still manages to connect successfully and receives an IP via DHCP in the 192.168.10.x range. Now I have tried any settings on my computer, and can reach neither the IP in that subnet that the PPTP client has, nor any other in that subnet.

I am obviously still doing something wrong. Please advise.
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 2049

PostPosted: Sun Jul 01, 2012 19:18    Post subject: Reply with quote
So you can't ping the VPN server either?

Can you tell if the VPN server shows you as connected, with a session?
stoneeh
DD-WRT Novice


Joined: 18 Mar 2011
Posts: 12

PostPosted: Sun Jul 01, 2012 21:57    Post subject: Reply with quote
No I can't reach/ping the VPN server from there. Right now though I've driven (through a beautiful thunderstorm btw, nothing like driving in a summer night and watching the lightning dance) to the location where my VPN server is. Meaning I am (physically) in the 192.168.10.x network now.

Yes, the E2000 has a session here. Connected since 2+ hours, at least that's looking good. I also can ping it from here (from any computer in this subnet), AND, more surprisingly, if I enter its IP into the browser I get connected to the dd-wrt config page.

Must really be something with routing, mustn't it? Please continue to help me though, I'm really a zero at routing Wink
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 2049

PostPosted: Sun Jul 01, 2012 22:05    Post subject: Reply with quote
Are you sure the MS VPN server is configured to allow access to the rest of your network? That's an option on its configuration pages. IIRC, it's on by default, but make sure anyway.
stoneeh
DD-WRT Novice


Joined: 18 Mar 2011
Posts: 12

PostPosted: Sun Jul 01, 2012 22:58    Post subject: Reply with quote
Yeah. Other clients can access the network via VPN just fine.
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 2049

PostPosted: Sun Jul 01, 2012 23:14    Post subject: Reply with quote
If it’s still not working, then while the VPN is established, dump the routing tables of the router w/ the VPN client. Let’s confirm it’s configured to route all 192.168.10.x traffic through the VPN server.

Telnet into the router (username=root, password=<your gui password>). Then issue the “route” (no quotes) command. Screen print it if it makes it easier to get the results posted back here (or else PM).
stoneeh
DD-WRT Novice


Joined: 18 Mar 2011
Posts: 12

PostPosted: Mon Jul 02, 2012 9:34    Post subject: Reply with quote
Okay. Seems like I can't use this config anyway. My VPN server is connected to the internet via an ISP that forces a reconnect and assigns a new IP every 8 hours. I solve this via a DDNS service, which works fine for the rest of my needs. The E2000 with dd-wrt doesn't seem to reconnect though every time the IP of the VPN server changes.
stoneeh
DD-WRT Novice


Joined: 18 Mar 2011
Posts: 12

PostPosted: Mon Jul 02, 2012 14:34    Post subject: Reply with quote
To circumvent that problem, I now do it the opposite way. I set up a PPTP server on my E2000. Enabled PPTP passthrough on my modem and did a port forward, port 1723 to 192.168.9.70, and everything went fine from the beginning. I can dial into here and ping and access clients, and since I have a fixed IP here with no reconnects the connection will/should always stay on, so I'll always have access when I want to.

You were very helpful eibgrad, thanks for your efforts.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum