First thing is if you are going through a router you need to port forward the IP address of the VPN server.
Make sure that the Windows Firewall is off on the VPN server.
It sounds like your problem is somewhere there is an active firewall either in the router/moden or in windows itself.
The first clue is the timeout message when you try to ping the IP Address.
If everything is set right you may be pinging the wrong IP Address. The IP Address you are looking for is the one for the router and not the server itself.
One other thing you might check is that the VPN service is active and running on the VPN server.
There could be a couple of things wrong here:
1. ICMP is not permitted through. This is what Brian refers to about the Windows firewall. Another way of testing this is to: Start, Run, CMD, enter, tracert 10.x.x.x. Look at the path, is it what you expect? Do you see points along the path that do not respond? If so, then it is possible that ICMP is not permitted through those devices.
2. Can you reach any resources on the private network by either name, ip address or service? Can you telnet to port 80 on a web server for example? If that does not work, your VPN client may have the incorrect default gateway set. Check the IP properties on the interface to see if the client is getting an address and gateway that is routable on your network.
Check out this virtual lab from Microsoft that shows how to use Network Address Translation (NAT) and Routing and Remote Access Server (RRAS) basic firewall, install the IPSec computer certificates, configure the remote access server (RAS) for quarantine, and connect to a RAS server from a client.
I had an exam, so I kind of put this problem in a background…
So, on this VPN server (10.10.10.5) I already tested the connectivity to machine 10.30.1.16 with ping and tracert command:
Tracing route to 10.30.1.16 over a maximum of 30 hops
1 * * * Request timed out.
2 <1 ms 1 ms <1 ms 10.30.1.16
So, the connection is ok. I guess the routing on router is configured ok and ICMP is disabled.
I think the problem is in the settings that client gets from VPN server. Default gateway is the same as the IP address that the client gets and the subnet mask is 255.255.255.255 which is strange to me.
I am using static address pool and not DHCP – is this a problem? Should the DHCP be enabled and not static address pool or is ist possible that evertyting could and should work by using static address pool?
Tnx for any kind of answare!
I have seen this 255.255.255.255 type addressing before when the device has some internal routing entries that tell the host where to go for various networks. It does not have the default gateway set but if you go to a command prompt and type “route print” what does it show for the 0.0.0.0 route? That is where all traffic will get sent by default. It’s just that this parameter is not getting sent to the client in DHCP as the default gateway.
0.0.0.0 0.0.0.0 “public dg” “public_ip” 20