Cannot access internet or remote network after connecting to Windows VPN
I set up a VPN by creating an incoming VPN connection (VPN server) in my Windows 8 machine at home (not a Windows Server).
I forwarded the PPTP port in my router (port 1723) to this machine and enabled PPTP passthrough.
In a second Windows 8 machine out of home, I created an outgoing VPN connection (VPN client). And I am able to connect to my home VPN, but I don't have access to any home resource or even internet.
UPDATE 2:
My router assigns IP addresses in a range from 192.168.1.100 to 192.168.1.149. So I set up my incoming connection properties (VPN server) to assign IP addresses in a range from 192.168.1.150 to 192.168.1.199. Here is how it looks now:
And the VPN client ipconfig /all
output looks like this:
PPP adapter Kiewic VPN:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Kiewic VPN
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.151(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled
Still I am not able to access any service in my home network, including ping
command, Remote Desktop, HTTP server, shared files.
UPDATE 3:
However, after changing the IP addresses assigned by the VPN server, the VPN client does not lose internet access when it gets connected (like it was happening before). Attaching Network Monitor to the VPN server shows HTTP traffic flowing through the VPN server.
Looking to the Netowork and Sharing Center at the VPN server, a RAS (Dial-In) Interface connection shows up as Public network. I can't find any way to convert it into Private network. This is how it looks:
ICMP traffic is allowed on Public and Private networks in the VPN server. Still I cannot ping the machine.
The Server VPN ipconfig /all
output is this:
PPP adapter RAS (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : RAS (Dial In) Interface
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.150(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled
Screenshots before UPDATE 2:
-
VPN server:
-
VPN client:
Here are two articles on establishing VPN in Windows 8.
Please comment on how they compare to what you have done to create that VPN.
Windows 8 - How to configure PPTP with Windows built-in client on Windows 8
Windows 8 VPN Get Connected
The IP address of type 169.254.x.x means that Windows wasn't able to contact a DHCP server and allocated its own temporary address.
Set the client's IP address to a static IP of 192.168.x.x so as to place it on the same network as that established by the VPN server. Otherwise, the one is not fully accessible to the other.
- Open the properties page for your vpn connection.
- On the networking tab, select "Internet Protocol (TCP/IP)" and click [Properties].
- Click [Advanced]
- Uncheck "Use default gateway on remote network"
Hope that cures it.
You need to configure the network address settings. On the server, you can either point it to your DHCP server (router), or have it hand out a range of addresses. It's needs to be in the same range. Reconnect after setting it, and you should feel like you're on your LAN.
What I did on my Windows 7 server was assign a pool of 20 IP addresses, in the same range as my home network. So choose the second radio button, then type an IP address that is within your LAN, but not given out by your router. Then fill in the last box, and the second should fill itself in.
To find out what IP address range to use, open a Command Prompt window (Windows+X, select Command Prompt), and type ipconfig /all
and press Enter. Look at the IPv4 Address, Subnet Mask, and Default Gateway. If it starts with 192.168.x.y
, and the Subnet Mask is 255.255.255.0
, you have a standard Class C subnet. I would probably choose a start IP address of 192.168.x.200
, and ending IP address of 192.168.x.220
. The third number can be anything, as long as it matches the third number of your IP address.
If after all this you still can't get connected to your LAN, try checking your Firewall settings. Each firewall is different, so you may need to Google the software/hardware you're using for specific instructions. Make sure that it allows your SMB traffic (port 138/139/445) through, and likely, your DNS traffic (port 53)