Most common issues

Forum for all technical support and trouble shooting of the WinGate VPN.

Moderator: Qbik Staff

Most common issues

Postby adrien » Oct 16 04 8:30 pm

1. Network machines inaccessible.

This problem is by far the most common problem with WinGate VPN. It is invariably caused by routing configuration, and occurs whenever no steps are taken and the WinGate VPN machine is not also acting as the main internet gateway for the LAN.

REASON.

For 2 way communications to work, each machine involved must

a) believe it is able to communicate with the other
b) forward packets in the communication to the correct router for forwarding to the other machine.

If either of the 2 requirements above aren't met, then 2 way communications wont work.

Routing is the means by which packets are forwarded, and the routing configuration on LAN machines determines whether these 2 criteria are met.

Normally a machine has a default gateway setting. This specifies the machine to which all packets will be forwarded if there is no specific knowledge about how to reach a particular subnet or host (i.e. no specific route in the route table for a particular network or host).

So, for VPN communications to work, the packets sent by the machines on the LAN need to get to the VPN gateway in order to be relayed over the VPN. This means that either each machine, or the main gateway needs to know that for the destination subnets on the VPN, the correct gateway to use is the IP address of the WinGate VPN server.

CURE:

There are several options. WinGate VPN comes with a RIP server built in. RIP is a protocol which is designed to advertise routes, and gateways to be used for specific destination networks. So, the simplest fix is.

A. Enable RIP2 listener on your main gateway.
If your main gateway has a RIP2 listener built in (most do), then turn it on. This will allow the main gateway to learn the routes for VPN access, and then any machine using this gateway as a default gateway will then be able to access the VPN.

If your main gateway does not have a RIP listener, you can still use RIP.

B. Install a RIP client on each machine on your LAN that needs to use the VPN.

Qbik wrote a RIP client for this purpose. It may be installed on any version of Windows, and automatically creates the correct routes on the local machine in order for it to use the correct gateway to access the VPN.

The final alternative is

C. manually create routes.

You may be able to manually create routes on your main gateway for VPN, or on each machine on your LAN that needs VPN access. However, this is not suitable where the VPN client machines are on dialup connections with IP addresses that change, since to manually create a route, you must know the destination IPs.

Therefore, we recommend A or B.

Adrien de Croy
adrien
Qbik Staff
 
Posts: 5441
Joined: Sep 03 03 2:54 pm
Location: Auckland

Return to WinGate VPN

Who is online

Users browsing this forum: No registered users and 17 guests

cron