Re: what happened to my post re KB830063 - Browsing over VPN?
From: Richard Prossor (richard.prossor_at_prossor.com)
Date: 04/19/04
- Next message: Sal: "No back up logs"
- Previous message: Kevin Weilbacher: "Re: Backup Song of the Week"
- In reply to: Jim Behning: "Re: what happened to my post re KB830063 - Browsing over VPN?"
- Next in thread: Jim Behning: "Re: what happened to my post re KB830063 - Browsing over VPN?"
- Reply: Jim Behning: "Re: what happened to my post re KB830063 - Browsing over VPN?"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 19 Apr 2004 15:20:51 +0100
Hi Jim
I can't disagree with your first point on the IP scheme
the FQDN is prossorsnt.prossors.com. I am no IT expert but I have noticed
that if append parent suffixes is ticked then I get both
prossorsnt.prossors.com and prossors.com in the DNS suffix search list when
I run ipconfig /all. This is shown below. I have just assumed that the
primary domain is prossorsnt.prossors.com but this has a parent suffix of
prossors.com.
Z:\>ipconfig /all
Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : prossornt01
Primary DNS Suffix . . . . . . . : prossorsnt.prossors.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : prossorsnt.prossors.com
prossors.com
Re: the section of my DNS doesn't look like yours - I don't know what it is
supposed to look like and that is why I am pursuing this thread.
The recommendation on static pools is from Microsoft. Please refer to
article:
HOW TO: Turn On and Configure Inbound VPN Access in Small Business Server
2000
http://support.microsoft.com/default.aspx?scid=kb;en-us;320697&Product=sbs
As to why not contact Microsoft. Microsoft have published two articles which
conflict. I assumed the latest release would be correct and thought it would
be useful to bring it to the newsgroups attention. Maybe it would have been
better if I hadn't bothered :-)
http://support.microsoft.com/default.aspx?scid=kb;en-us;292822&Product=sbs
http://support.microsoft.com/default.aspx?scid=kb;en-us;830063&Product=sbs
Regards
Richard
"Jim Behning" <jimbehningmvp@atl.mindspring.com> wrote in message
news:v4g780l9r4ums6v12jscbpmra7234rr7qu@4ax.com...
> Someone picked up a "bad" ip scheme for the Unix.
>
> "I am assuming that since my SBS server is
> prossornt01.prossorsnt.prossors.com, the domain name is
> prossorsnt.prossors.com and its parent is prossors.com." To me it
> appears that your domain is prossornt.prossors.com. On my installs
> there is no parent to that name. If I choose fred.local then that is
> the start of the domain. It appears that you started your domain with
> prossorsnt.prossors.com.
>
> You DNS does not look like my dns. I am no whiz at dns but how can you
> have 3 A records pointing to the (same as parent folder)? I would
> think that only one which should point to 192.0.0.7 is correct.
>
> I assign static ips to my servers. All servers. If I need to get to
> them I enter the ip after I vpn in. No reason not to do the same if
> you have workstations. SBS 2000 only allows for 50 workstations so I
> cannot see that you would not have that many stations to apply static
> ips to. Or you should be able to see them by \\workstation name. If
> you cannot then you have WINS and DNS issues. Your dns looks wierd now
> so it may be causing you grief.
>
> I have never seen in the manuals for SBS that using a static pool that
> is on another ip scheme is the recommended setup. You can look at all
> the servers I have set up and they are all using DHCP for RRAS. I may
> not have it set up correctly but all I did was follow the wizards the
> SBS team created for me.
>
> Note that if Jeff recommends not doing something it is with good
> reason.
>
> If it really bugs you why don't you call MIcrosoft? It appears that
> what you want is not easy to fix. They deal with this kind of stuff
> all day and should be able to help. Surely there is some sort of time
> value you can assign to the hours you have spent on this. Sometimes
> patches released goof something up or possibley you made some change
> that you did not see until you rebooted which restarted all services.
>
>
>
> "Richard Prossor" <richard.prossor@prossor.com> wrote:
>
> >Hi Jim
> >
> >The 192.0.0.x network was the numbering system used on our old UNIX
system
> >15 years ago - it has just been carried forward ever since.
> >
> >As to why spend the time when the important things are working - call it
> >personal interest and the fact that NOT everything of importance is on my
> >SBS server.
> >
> >If you look back in the newsgroup, I followed all the recommendations
> >including the static pool. In my case, VPN clients need to connect to an
> >application server within the SBS domain (not the SBS server). All in the
> >garden was rosy and I had no issues :-)
> >
> >Then suddenly (most poular word in insurance claims!) at the end of
November
> >2003 it stopped working. Remote clients could not see beyond the SBS
server
> >and so could not connect to the application server.
> >
> >After a few days flailing about, help from this newsgroup (thanks Chad)
> >advised me to try moving away from the static group towards assigning
> >addresses by DHCP. Connectivity was restored and the panic was over - but
it
> >was not the same connectivity as before and I was still left with the
> >questions:
> >
> >1) why had it gone wrong in the first place
> >2) why doesn't the recommended setup work in my situation
> >
> >Like many SBS'ers, we do not have dedicated IT staff and I prefer to be
able
> >to forget about the system and get on with the day job of running the
> >business. To me this basically means use all the default settings and
> >recommendations, and keep away from bespoke fixes because they are likely
to
> >bite you sometime in the future when you have completely forgotten the
fix
> >that was required or even what it was for.
> >
> >So, I kept looking to try to get back to the recommended set up (static
> >pool) and full connectivity.
> >
> >I found that if I changed the fixed IP address of the application server
and
> >replaced it with a reservation in DHCP, this enabled me to return to
using
> >a static pool. Note - exclusions do not work.
> >
> >At this stage I am basically back on the recommended set up except for
the
> >fact that I can't browse - so long as I know what I want to connect to, I
> >can. As you point out, there is now little to gain from spending time on
the
> >problem...... and in addition you confirm what many others have said:
that
> >while you have the same issue, the preferred solution is just not to
worry
> >about it.
> >
> >I had just about reached this frame of mind when I came across KB830063
(not
> >surprising since it was only published at the end of Feb 04). This
actually
> >refers to the symptom directly and fingers SP3 as the culprit. However it
> >contradicts the "gospel" according to KB292822 - it deletes the
> >DisableNetBiosoverTCPIP registry setting, wants you to enable NetBios
over
> >TCP/IP on the External NIC, and advises you MUST use a static pool.
> >
> >When I posted this on this newsgroup, the reaction was that Microsoft had
> >got it wrong (from no less a source than Jeff Middleton) and that there
must
> >be something else wrong with my setup.
> >
> >What I am trying to do (with Marina's much appreciated help) is try to
> >ascertain if it is indeed my setup that is wrong or if, in fact, it is
> >KB292822 which is wrong and needs to be updated with KB830063.
> >
> >Currently, despite Jeff and Marina's protestations, my money is on
KB830063
> >and unless I see any reason otherwise, I will be applying the fix
> >recommended there and hopefully forgetting about my SBS server until the
> >next time something "suddenly" happens.
> >
> >Here's the link
>
>http://support.microsoft.com/default.aspx?scid=kb;en-us;830063&Product=sbs
> >
> >See what you think
> >
> >
> >Regards
> >
> >Richard
> >
> >
> >
> >
> >
> >
> >
> >
> >"Jim Behning" <jimbehningmvp@atl.mindspring.com> wrote in message
> >news:haq580d8tsgmsg280danq7snbrhkl9a1rr@4ax.com...
> >> I thought I had read one time that there are magic clicks when your
> >> RRAS is using a different ip scheme from your internal network. Why
> >> don't you use dhcp to assign your RRAS instead of a static pool. Or if
> >> you are doing a static pool then use your network with some exclusions
> >> in the dhcp manager.
> >>
> >> Where did the 192.0.0.x network come from? A bit out of the range of
> >> Microsoft defaults and a big departure from the Excerpt from RFC 1918
> >> Private Address Space
> >>
> >> " The Internet Assigned Numbers Authority (IANA) has reserved the
> >> following three blocks of the IP address space for private
> >> internets:
> >>
> >> 10.0.0.0 - 10.255.255.255 (10/8 prefix)
> >> 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
> >> 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)"
> >>
> >> So what works and what does not work? \\servername works? Seems like a
> >> lot of time spent trying to get something working that I have never
> >> gotton to work and never considered important. I repeat, everything
> >> important is on the server so what else does one need to get to?
> >>
> >>
> >> "Richard" <richard.prossor@prossor.com wrote:
> >>
> snip for bandwidth reasons
> Jim B. SBS MVP
> remove the mvp to send email
- Next message: Sal: "No back up logs"
- Previous message: Kevin Weilbacher: "Re: Backup Song of the Week"
- In reply to: Jim Behning: "Re: what happened to my post re KB830063 - Browsing over VPN?"
- Next in thread: Jim Behning: "Re: what happened to my post re KB830063 - Browsing over VPN?"
- Reply: Jim Behning: "Re: what happened to my post re KB830063 - Browsing over VPN?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
