Re: Help! Cannot access network via VPN and no web in or out

From: Marina Roos [SBS-MVP] (marina_at_roos.nodontwantspam.nl.com)
Date: 05/15/04


Date: Sat, 15 May 2004 14:00:12 +0200

Hi Mike,

Alright, that would be nice if you can use that router, which will prove
(again) to that silly tech that 'his/her' router setup is messing things up
for you badly.
I'll be watching this thread.

-- 
Regards,
Marina
Microsoft SBS-MVP
"Shared Care" <admin@nospamhere.sharedcare.org> wrote in message
news:5topc.379$3M5.363@newsfe6-gui.server.ntli.net...
> I have a spare Cisco 801 at the office. I'm not sure what's on it but I can
> get to console and set it up. I'm sure it doesn't need half the stuff that's
> in the config of the current one.
>
> Mike
>
>
> "Marina Roos [SBS-MVP]" <marina@roos.nodontwantspam.nl.com> wrote in message
> news:%2366FJOnOEHA.4036@TK2MSFTNGP12.phx.gbl...
> > Pick up a router on your way there. So you will be able to get out on the
> > internet. You should be the boss of that router, not Cisco.
> >
> > -- 
> > Regards,
> >
> > Marina
> > Microsoft SBS-MVP
> >
> > "Shared Care" <admin@nospamhere.sharedcare.org> wrote in message
> > news:Tjopc.337$3M5.269@newsfe6-gui.server.ntli.net...
> > > It's get in that taxi actually... :-))
> > >
> > > I suspect I'll be going up there soon ...
> > >
> > >
> > > "Marina Roos [SBS-MVP]" <marina@roos.nodontwantspam.nl.com> wrote in message
> > > news:O8MM%23JnOEHA.640@TK2MSFTNGP12.phx.gbl...
> > > > Hi shared care,
> > > >
> > > > Wouldn't know of a link right now, but you can tell this guy/gal that it has
> > > > been working the way you've set it up for 18 months and that you have
> > > > checked your setup with an MVP ;-) (if he/she knows what that is...)
> > > > Urge this tech to put the settings back the way they were! Else, get in your
> > > > car and drive up those silly 25 miles.
> > > >
> > > > -- 
> > > > Regards,
> > > >
> > > > Marina
> > > > Microsoft SBS-MVP
> > > >
> > > > "Shared Care" <admin@nospamhere.sharedcare.org> wrote in message
> > > > news:Bcopc.298$3M5.177@newsfe6-gui.server.ntli.net...
> > > > > Thanks for the chin-up speech! It's just what I needed. I've been at this
> > > > > for 20 hours yesterday and 2.5 hours this morning.
> > > > >
> > > > > I can't post the ipconfig /all from the server as it's 25 miles away and I
> > > > > can't remote to it... Equally, when I get to the office, I might not be able
> > > > > to post it out as my router ain't working!!
> > > > >
> > > > > Marina, is there a link I can send to the Cisco TAC that says "oi! your
> > > > > router should be set up like this:" ?
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > "Marina Roos [SBS-MVP]" <marina@roos.nodontwantspam.nl.com> wrote in message
> > > > > news:Obqob$mOEHA.3944@tk2msftngp13.phx.gbl...
> > > > > > Hi again,
> > > > > >
> > > > > > Don't doubt yourself. You have said it did work for more than 18 months,
> > > > > > until the router stopped working and this Cisco guy started messing around.
> > > > > > First: was the router getting faulty and was that the reason it stopped
> > > > > > working? Has the router been replaced by a new one?
> > > > > > Second: if you can't even get out on the internet from within your network,
> > > > > > they really have been messing around in your router setup.
> > > > > > You have proved it that your network was set up right as it has been working
> > > > > > perfectly for 18 months. Your SBS should be doing the authentication for
> > > > > > sure, not the router. The router should pass through VPN, which isn't doing
> > > > > > that now obviously.
> > > > > > Ask for another Cisco tech, preferably one that is knowing what he/she is
> > > > > > talking about. You should not need to set up a static route. Again, it has
> > > > > > been working for 18 months!
> > > > > >
> > > > > > Please, answer my other questions about ipconfig and if you have done the
> > > > > > checking on your network binding and regedits. Just to rule that out.
> > > > > >
> > > > > >
> > > > > > -- 
> > > > > > Regards,
> > > > > >
> > > > > > Marina
> > > > > > Microsoft SBS-MVP
> > > > > >
> > > > > > "Marina Roos [SBS-MVP]" <marina@roos.nodontwantspam.nl.com> wrote in message
> > > > > > news:OIlmx4mOEHA.3012@tk2msftngp13.phx.gbl...
> > > > > > > Hi,
> > > > > > >
> > > > > > > Please, post the ipconfig /all from the server.
> > > > > > >
> > > > > > > -- 
> > > > > > > Regards,
> > > > > > >
> > > > > > > Marina
> > > > > > > Microsoft SBS-MVP
> > > > > > >
> > > > > > > "Shared Care" <admin@nospamhere.sharedcare.org> wrote in message
> > > > > > > news:tEnpc.242$3M5.196@newsfe6-gui.server.ntli.net...
> > > > > > > > I'm online with Cisco TAC now. They are telling me that port forwarding 1723
> > > > > > > > to the external NIC (which was the original setup) won't work. They are
> > > > > > > > trying to set the router to authenticate the VPN - not pass the request
> > > > > > > > through. I am on a VPN now but this is inside the router on 172.16.0.2
> > > > > > > > 255.255.255.255 and I can't ping anything or get anywhere.
> > > > > > > >
> > > > > > > > Cisco are telling me that I need a static route from 192.168.1.2 (my SBS
> > > > > > > > external NIC) to the 10.0.0.2 (SBS internal NIC). Are they wrong here?
> > > > > > > >
> > > > > > > > I also have no web access in or out. Is this related?
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > "Marina Roos [SBS-MVP]" <marina@roos.nodontwantspam.nl.com> wrote in message
> > > > > > > > news:%23wBCKZmOEHA.1160@TK2MSFTNGP09.phx.gbl...
> > > > > > > > > Hi,
> > > > > > > > >
> > > > > > > > > 800 is likely something wrong setup in the router. Check if you have port
> > > > > > > > > 1723 (VPN) forwarded in the router to your external NIC IP.
> > > > > > > > > To make sure everything else is alright, post the ipconfig /all from the
> > > > > > > > > server.
> > > > > > > > > You say you can successfully VPN within the network, which indeed would tell
> > > > > > > > > me that VPN and RRAS are set up right.
> > > > > > > > > 2 NICs and using RRAS: check binding order NICs and make sure internal NIC is
> > > > > > > > > on top, have you applied the regedits in 292822 (just checking)?
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > -- 
> > > > > > > > > Regards,
> > > > > > > > >
> > > > > > > > > Marina
> > > > > > > > > Microsoft SBS-MVP
> > > > > > > > >
> > > > > > > > > "Shared Care" <admin@nospamhere.sharedcare.org> wrote in message
> > > > > > > > > news:wRmpc.218$3M5.129@newsfe6-gui.server.ntli.net...
> > > > > > > > > > I have some major problems and need some help. I have Cisco TAC assisting
> > > > > > > > > > with my router but they keep trying to blame the SBS setup for the problems
> > > > > > > > > > I'm experiencing. Can you check my setup here and advise me where there
> > > > > > > > > > might be a problem? Running SBS2K connected to a Cisco 801 router.
> > > > > > > > > >
> > > > > > > > > > Symptoms:
> > > > > > > > > > No web access in or out. Email is ok outbound - can't check inbound from
> > > > > > > > > > here. VPN will not connect to the SBS. Remotes receive error 800.
> > > > > > > > > >
> > > > > > > > > > I have 5 remote workers trying to connect to our network via Windows VPN.
> > > > > > > > > > All are running Windows XP Professional sp1. Each remote has their own
> > > > > > > > > > network logon name and password. They all have dial in access.
> > > > > > > > > >
> > > > > > > > > > At the office:
> > > > > > > > > > Cisco 801 Router connected to a bonded BRI line. Router's public IP is
> > > > > > > > > > A.B.C.D which the remotes use to hook up to the VPN. Router's inside IP is
> > > > > > > > > > 192.168.1.1 connected to the SBS external NIC on 192.168.1.1. This routes
> > > > > > > > > > over ISA2000 to the internal NIC on 10.0.0.2. For the past 18 months this has
> > > > > > > > > > been fine and dandy. Then yesterday at 4.30am it stopped authenticating the
> > > > > > > > > > remote users.
> > > > > > > > > >
> > > > > > > > > > What used to happen is that the router would pass the VPN request to the
> > > > > > > > > > SBS. This would authenticate and issue a 10.0.0.X IP to the remote. The
> > > > > > > > > > remote could then access all the network servers it needed. Cisco tell me
> > > > > > > > > > that the router should never have done this and that it (the router) should
> > > > > > > > > > be authenticating. They have changed the router setup so that authentication
> > > > > > > > > > now occurs on the router. If I VPN to the network using my own logons (now
> > > > > > > > > > defined within the router) I am authenticated (by the router) and issued a
> > > > > > > > > > 172.16.0.X IP address by the router. XP declares that I'm connected
> > > > > > > > > > (probably just to the router) but I can't connect to any servers nor can I
> > > > > > > > > > see or ping anything on the 10.0.0.X range.
> > > > > > > > > >
> > > > > > > > > > Locally I can ping to the router and I receive a response. Cisco TAC tell me
> > > > > > > > > > that they see this as a ping from 192.168.1.2 (which seems correct). They're
> > > > > > > > > > telling me that there must be a translation to get the VPN request from the
> > > > > > > > > > router to the 10.0.0.2 server for server authentication. Surely this was
> > > > > > > > > > already in place as it worked before?
> > > > > > > > > >
> > > > > > > > > > I have set up RRAS as instructed and the DHCP etc. are all supplied by the
> > > > > > > > > > internal NIC. I can VPN to the server from inside the network, I just can't
> > > > > > > > > > get to it from outside.
> > > > > > > > > >
> > > > > > > > > > Help. Please
> > > > > > > > > >
> > > > > > > > > > Admin
> > > > > > > > > > Sharedcare.org
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>
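
The two setups contrasted in this thread, as an added example that is not part of the original posts: it checks a constructed list of router forwarding rules for what PPTP pass-through to the SBS needs (TCP 1723 plus GRE, IP protocol 47, which the thread does not mention), and it names the device that terminated a tunnel from the address the client was issued. The rule format, the function names and the /24 masks are assumptions.

```python
import ipaddress

# Addresses from the thread. The /24 masks are assumed: the posts only give
# "10.0.0.X" and "172.16.0.X".
SBS_EXTERNAL_NIC = "192.168.1.2"
SBS_POOL = ipaddress.ip_network("10.0.0.0/24")       # issued by RRAS on the SBS
ROUTER_POOL = ipaddress.ip_network("172.16.0.0/24")  # issued by the router

# PPTP = control channel on TCP 1723 + tunnelled data in GRE (IP protocol 47).
PPTP_NEEDS = {("tcp", 1723), ("gre", None)}


def passthrough_gaps(rules, target=SBS_EXTERNAL_NIC):
    """Return the PPTP requirements that are not forwarded to `target`.

    `rules` is a hypothetical, vendor-neutral list of
    (protocol, port_or_None, inside_host) tuples.
    """
    forwarded = {(proto, port) for proto, port, host in rules if host == target}
    return sorted(PPTP_NEEDS - forwarded, key=lambda need: need[0])


def tunnel_endpoint(assigned_ip):
    """Name the device that terminated the VPN, judged by the issued address."""
    addr = ipaddress.ip_address(assigned_ip)
    if addr in SBS_POOL:
        return "sbs"      # request was passed through and the SBS authenticated
    if addr in ROUTER_POOL:
        return "router"   # router authenticated; address is outside 10.0.0.X
    return "unknown"


# Constructed rule sets, not taken from any real router configuration.
PASS_THROUGH = [("tcp", 1723, "192.168.1.2"), ("gre", None, "192.168.1.2")]
TCP_ONLY = [("tcp", 1723, "192.168.1.2")]

if __name__ == "__main__":
    print("pass-through gaps:", passthrough_gaps(PASS_THROUGH))
    print("tcp-only gaps:    ", passthrough_gaps(TCP_ONLY))
    print("172.16.0.2 ->", tunnel_endpoint("172.16.0.2"))
    print("10.0.0.57  ->", tunnel_endpoint("10.0.0.57"))
```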

