Re: Help! Cannot access network via VPN and no web in or out
From: Marina Roos [SBS-MVP] (marina_at_roos.nodontwantspam.nl.com)
Date: 05/15/04
- Next message: Marina Roos [SBS-MVP]: "Re: Help! Cannot access network via VPN and no web in or out"
- Previous message: Shared Care: "Re: Help! Cannot access network via VPN and no web in or out"
- In reply to: Shared Care: "Re: Help! Cannot access network via VPN and no web in or out"
- Next in thread: Marina Roos [SBS-MVP]: "Re: Help! Cannot access network via VPN and no web in or out"
- Reply: Marina Roos [SBS-MVP]: "Re: Help! Cannot access network via VPN and no web in or out"
- Reply: Shared Care: "Re: Help! Cannot access network via VPN and no web in or out"
- Messages sorted by: [ date ] [ thread ]
Date: Sat, 15 May 2004 13:16:13 +0200
Hi,
Please, post the ipconfig/all from the server.
-- Regards, Marina Microsoft SBS-MVP "Shared Care" <admin@nospamhere.sharedcare.org> schreef in bericht news:tEnpc.242$3M5.196@newsfe6-gui.server.ntli.net... > I'm online with Cisco TAC now. They are telling me that port forwarding 1723 > to the external Nic (which was the original setup) won't work. They are > trying to set the router to authenticate the VPN - not pass the request > through. I am on a VPN now but this is inside the router on 172.16.0.2 > 255.255.255.255 and I can't ping anything or get anywhere. > > Cisco are telling me that I need a static route from 192.168.1.2 (my SBS > external NIC) to the 10.0.0.2 (SBS internal NIC). Are they wrong here? > > I also have no web access in or out. Is this related? > > > > > "Marina Roos [SBS-MVP]" <marina@roos.nodontwantspam.nl.com> wrote in message > news:%23wBCKZmOEHA.1160@TK2MSFTNGP09.phx.gbl... > > Hi, > > > > 800 is likely something wrong setup in the router. Check if you have port > > 1723 (VPN) forwarded in the router to your external nic IP. > > To make sure everything else is alright, post the ipconfig/all from the > > server. > > You say you can successfully vpn within the network, which indeed would > tell > > me that vpn and rras are setup right. > > 2 nics and using RRAS: check bindingorder nics and make sure internal nic > is > > on top, have you applied the regedits in 292822 (just checking)? > > > > > > -- > > Regards, > > > > Marina > > Microsoft SBS-MVP > > > > "Shared Care" <admin@nospamhere.sharedcare.org> schreef in bericht > > news:wRmpc.218$3M5.129@newsfe6-gui.server.ntli.net... > > > I have some major problems and need some help. I have Cisco TAC > assisting > > > with my router but they keep trying to blame the SBS setup for the > > problems > > > I'm experiencing. Can you check my setup here and advise me where there > > > might be a problem? Running SBS2K connected to a Cisco 801 router. > > > > > > Symptoms: > > > No web access in or out. Email is ok outbound - can't check inbound from > > > here. VPN will not connect to the SBS. Remotes receive error 800. > > > > > > > > > > > > I have 5 remote workers trying to connect to our network via Windows > VPN. > > > All are running Windows XP Professional sp1. Each remote has their own > > > network logon name and password. They all have dial in access. > > > > > > At the office: > > > Cisco 801 Router connected to a bonded BRI line. Router's public IP is > > > A.B.C.D which the remotes use to hook up to the VPN. Router's inside IP > > is > > > 192.168.1.1 connected to the SBS external NIC on 192.168.1.1 . This > routes > > > over ISA2000 to the internal NIC on 10.0.0.2 For the past 18 months this > > has > > > been fine and dandy. Then yesterday at 4.30am it stopped authenticating > > the > > > remote users. > > > > > > What used to happen is that the router would pass the VPN request to the > > > SBS. This would authenticate and issue a 10.0.0.X ip to the remote. The > > > remote could then access all the network servers it needed. Cisco tell > me > > > that the router should never have done this and that it (the router) > > should > > > be authenticating. They have changed the router setup so that > > authentication > > > now occurs on the router. If I VPN to the network using my own logons > (now > > > defined within the router) I am authenticated (by the router) and issued > a > > > 172.16.0.X IP address by the router. XP declares that I'm connected > > > (probably just to the router) but I can't connect to any servers nor can > I > > > see or ping anything on the 10.0.0.X range. > > > > > > Locally I can ping to the router and I receive a response. Cisco TAC > tell > > me > > > that they see this as a ping from 192.168.1.2 (which seems correct). > > They're > > > telling me that there must be a translation to get the VPN request from > > the > > > router to the 10.0.0.2 server for server authentication. Surely this was > > > already in place as it worked before? > > > > > > I have set up RRAS as instructed and the DHCP etc. are all supplied by > the > > > internal NIC. I can VPN to the server from inside the network, I just > > can't > > > get to it from outside. > > > > > > Help. Please > > > > > > Admin > > > Sharedcare.org > > > > > > > > > > > >
- Next message: Marina Roos [SBS-MVP]: "Re: Help! Cannot access network via VPN and no web in or out"
- Previous message: Shared Care: "Re: Help! Cannot access network via VPN and no web in or out"
- In reply to: Shared Care: "Re: Help! Cannot access network via VPN and no web in or out"
- Next in thread: Marina Roos [SBS-MVP]: "Re: Help! Cannot access network via VPN and no web in or out"
- Reply: Marina Roos [SBS-MVP]: "Re: Help! Cannot access network via VPN and no web in or out"
- Reply: Shared Care: "Re: Help! Cannot access network via VPN and no web in or out"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
