IT Guru's on VPN - Peugeot Forums
Peugeot Forums - Peueot - Citroen Community
Home :: Peugeot Forums :: Rules :: Articles :: About Us :: Partner Vendors :: Advertise


Go Back   Peugeot Forums > General > Off-topic
PeugeotForums.com is the premier Peugeot All Forum on the internet. Registered Users do not see the above ads.
Reply
 
LinkBack Thread Tools Display Modes
Old 28-06-13, 06:01 PM   #1
Inactive User
 
john_h's Avatar
 
Join Date: Nov 2009
Location: Gateshead - Tyne and Wear
Posts: 4,512
Question IT Guru's on VPN

Hi guys, this is basically a one for IT gurus...especially in the VPN field.

Lately a number of users, including myself have attempted to do some work from home (due to new contracts etc) by means of connecting to a VPN.

Now it all seems to connect and shows on the firewall (corporate end) to be connected...However on client end it shows as no data is passing in both directions....

now what myself and other have done is connected the VPN for a few minutes and restarted the laptops and there is a high chance it will connect and start passing traffic.

I passed this onto third line techs, but as always with ours....not a scooby lol

Anyways tonight we had a MD ring up saying he cannot connect and has tried the previous...So i asked what company his isp is (VM) and is using netgear equipment.

From background info i know that sometimes VM and Netgear block some VPN connections and ports....

Now i asked the MD to power cycle the router and it worked...Now would a blocked VPN, unopened port cause this? able to connect to VPN but not pass traffic?

I would ask thirdline...but they are pretty much part-timers and tend to fob things off....



john_h is offline   Reply With Quote Quick reply to this message
Sponsored Links
Advertisement
 
Old 30-06-13, 04:46 AM   #2
Senior Member
 
bung206's Avatar
 
Join Date: Dec 2011
Posts: 206
Default

Once the tunnel is established can you ping the gateway of the virtual adapter from the client side?

What is the IP range on the office end? Is it something common like 10.0.0.0/24, 10.1.1.0/24 or 192.168.1.0/24? If so this is potentially an issue also. Beause a lot of home routers utilize this range and it will cause IP conflicts to no end. Ideally you want to be using 10.10.0.0/16 or 172.16.0.0/16 for your corporate sites.
bung206 is offline   Reply With Quote Quick reply to this message
Old 30-06-13, 12:32 PM   #3
Inactive User
 
john_h's Avatar
 
Join Date: Nov 2009
Location: Gateshead - Tyne and Wear
Posts: 4,512
Default

Nah if you ping by ip which is 10.0.0.0/24 range you get response timed out and if you ping, say the exchange server by name you get a reply but from virgin media advanced search server.

The clients sit on a 172 range and the servers on 10 range


Sent from AutoGuide.com Free App



john_h is offline   Reply With Quote Quick reply to this message
 
Old 01-07-13, 01:13 AM   #4
Senior Member
 
bung206's Avatar
 
Join Date: Dec 2011
Posts: 206
Default

Sounds like a misconfiguration on the ISP's side, or does the user have his 'own' internet connection, or are they using like a shared building wifi or something?

10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 addresses are (should be) non-routable for WAN and are only to be used for private space, as published in RFC 1918.

I have experienced an identical issue with a user belonging to one of the networks I manage, when he VPN'ed into the office while on this Asian tour, there were these sorts of conflicts. The office IP range was 10.0.0.0/24, but when I disconnected the VPN on the user's side and pinged/tracerouted, say 10.0.0.1, I got a response!

I think one solution would be to set a lower metric on the VPN tunnel adapter, but this is complicated and laborious.

What type of VPN is it?

Last edited by bung206; 01-07-13 at 01:55 AM.
bung206 is offline   Reply With Quote Quick reply to this message
Old 01-07-13, 02:26 AM   #5
Inactive User
 
john_h's Avatar
 
Join Date: Nov 2009
Location: Gateshead - Tyne and Wear
Posts: 4,512
Default

Basically the users can use a range of ISPs such as vodafone 3g dongles, virgin media, hotel and other places wifi, bt, sky, talk talk, demon isp. And all of the above in different countries aswel as UK so its not limited to the ISP as such. Unless you mean our corporate provider....

Ill pass that info onto the third line fella investigating tho so thx

Another thing he said was the juniper equipment was meant to be for say 100 users and we have nearly 1000 but he said that should cause an issue but will investigate that But didnt seem to confident.

But to answer your question im not too sure all i know is we use securencp client on the laptops, routes into juniper equipment and obviously routed off to different servers in different parts of the country lol

Wish i kept upto date with my cisco ccna now lol


Sent from AutoGuide.com Free App




Last edited by john_h; 01-07-13 at 02:28 AM.
john_h is offline   Reply With Quote Quick reply to this message
Old 01-07-13, 03:17 AM   #6
Senior Member
 
bung206's Avatar
 
Join Date: Dec 2011
Posts: 206
Default

No experience with Juniper/Cisco stuff. I use pfSense and OpenVPN, seems to work well regardless of how locked down your connection is.
bung206 is offline   Reply With Quote Quick reply to this message
Old 01-07-13, 09:09 AM   #7
Inactive User
 
john_h's Avatar
 
Join Date: Nov 2009
Location: Gateshead - Tyne and Wear
Posts: 4,512
Default

Turns out we have several lines going into this box to give people their emails on apple and android devices using third party software and is used for bes so quite a bit goes through this.

On the plus side since yesterday afternoon its been connecting ok ill try later when more people are connected


Sent from AutoGuide.com Free App



john_h is offline   Reply With Quote Quick reply to this message
Sponsored Links
Advertisement
 
Reply

Quick Reply
Message:
Options

Register Now

In order to be able to post messages on the Peugeot Forums forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.
User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.
Password:
Confirm Password:
Email Address
Please enter a valid email address for yourself.
Email Address:

Log-in


Thread Tools
Display Modes

Posting Rules
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT. The time now is 07:56 PM.



Powered by vBulletin® Copyright ©2000 - 2019, vBulletin Solutions, Inc.
Content Relevant URLs by vBSEO 3.6.0
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.