LAN Adapter IP Seen inside Remote PPTP connection on PIX

stownsend · ‎12-18-2002

I've Created a PPTP connection from my machine at home to a PIX at the office.

On my machine at home the LAN adapter (192.168.1.99) has a WINS Server address of a Internal WINS server (10.1.0.x).

When I make a PPTP connection to the firewall, I can connect just fine to the internal servers. The Firewall gives me an address of 10.201.0.9. I can reach the machine at home form the internal Network.

Though the firewall complains that a packet from Address 192.168.1.99 (with traffic destined for 10.1.0.8) is not an IPSec Packet and is rejected. This is true and the packet should be rejected.

Though my question is, why is the Machine at home sending request from the LAN Adapter as the LAN Adapter's IP Address though the Dial-up PPTP connection?

If I remove the 10.1.0.x address from the LAN Adapter's WINS server list, the Error messages about rejected Packets Disapears.

If it has traffic destined for the 10.x.x.x network shouldn't it use the 10.201.0.9 Address and pass the request aling from there?

Thanks,

Scott<-

p.krane · ‎12-26-2002

I was facing a problem some time ago with my VPN client. If a laptop connected to the LAN at the office was brought home and used to connect to the firewall at the office via a dial up connection, no data was transfered over the dial up connection. It turned out that the problem had to do with the release of IP address and more importantly, with the way in which the traffic was being routed. (http://www.cisco.com/warp/public/471/ms_route.html). I guess this document could give you a hint about what might be happening in your network.