Re: RAS/VPN routing on client?

#2 01-05-2006, 04:00 AM

The answers in this thread have been of great use to me, but
I still have a few problems.

I've set up a VPN Server and Client, and have it basically
working but a few issues to resolve.

Both ends are PC's, both behind separate DSL Router/Firewalls,
both resolvable by dyndns. Both are running Windows XP prof.

Within the server network, the router has the internal address
192.168.181.1 and the VPN server 192.168.181.20.
On the client side the router has internal address 192.168.178.1
and the client 192.168.178.20. Both routers of course have WAN
addresses assigned by the ISP's too.

On the client I have two network connections active, the LAN
connection to the router/internet, and the VPN (virtual)
connection (which in reality of course goes via the LAN).

In the default state after setting all that up, the problem on
the client is that all internet traffic is routed over the VPN,
i.e. it actually uses the internet connection of the server,
and is of course limited by the low ADSL upload. I have proven
this by looking at the network traffic.

The routing table looks like this:-

================================================== =========================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 11 09 92 c8 fb ...... NVIDIA nForce Networking Controller - Packet Scheduler Miniport
0x3 ...00 11 09 92 ca ee ...... Realtek RTL8169/8110 Family Gigabit Ethernet NIC - Packet Scheduler Miniport
0x40005 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
================================================== =========================
================================================== =========================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 169.254.1.1 169.254.1.1 1
0.0.0.0 0.0.0.0 192.168.178.1 192.168.178.20 21
85.180.150.12 255.255.255.255 192.168.178.1 192.168.178.20 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.1.1 255.255.255.255 127.0.0.1 127.0.0.1 50
169.254.255.255 255.255.255.255 169.254.1.1 169.254.1.1 50
192.168.178.0 255.255.255.0 192.168.178.20 192.168.178.20 20
192.168.178.20 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.178.255 255.255.255.255 192.168.178.20 192.168.178.20 20
224.0.0.0 240.0.0.0 192.168.178.20 192.168.178.20 20
224.0.0.0 240.0.0.0 169.254.1.1 169.254.1.1 1
255.255.255.255 255.255.255.255 169.254.1.1 169.254.1.1 1
255.255.255.255 255.255.255.255 169.254.1.1 2 1
255.255.255.255 255.255.255.255 192.168.178.20 192.168.178.20 1
Default Gateway: 169.254.1.1
================================================== =========================
Persistent Routes:
None

and I assume the problem is the default gateway. When I change it with
route add 0.0.0.0 mask 0.0.0.0 192.168.1
it seems to solve the problem.

My questions, many thanks for any input:-

Is this a reasonable thing to do? If so, how do I make a default gateway
persistant? Is there any way I can set up my VPN server so that new
clients don't have to change their routing tables?
Shouldn't VPN work "out of the box" without having to change routing tables?

Are the IP addresses the VPN DHCP server assigns, like 169.254.1.1, reserved
for internal LAN use? If not, how does anyone know where to route them?

TIA,
David