Re: remoting not working through vpn

Roy,

Thanks for your response.

I am using events and the second scenario you described is exactly what is
happening. When we removed all firewalls on a machine connecting to the
network through vpn, it worked. When we changed the client remoting
configuration to use a specific port for the tcp channel instead of port "0"
and opened that port on the client's firewall, it worked. In our case this
isn't a solution because we need to be able to run multiple clients on each
machine.

Since the clients connecting through VPN all have different ISP's and
firewall configurations, changing all of their firewalls isn't really an
option. At this point I'm trying to figure out exactly how the remoting
server is trying to communicate with the client and if there's a way to do it
that will allow the traffic through the firewall.

As an alternative approach I guess we could have the server queue up
messages which would then be retrieved periodically by the clients. That
would be a major change and would result in using more bandwidth and
increased latency between sending and receiving messages.

Any ideas?

Thanks,
Rich Wood

"Roy Chastain" wrote:

> Am I to assume that you have created a two way channel and that you are actually referring to events that are being sent back from
> the server to the client?
>
> If so, then read on. If no, you may want to read my ramblings anyway.
>
> 1) - VPN connections. These can act differently depending on where the VPN terminates.
> For instance, I have ISA firewall and all my VPN connections terminate on the firewall system. They are then routed or NAT'd as
> appropriate to other networks that the firewall connects to. This could include another VPN to a site to site network. Once the
> data makes it (I will use INTO instead of THROUGH) the firewall, it is subject to firewall routing and NAT't rules.
>
> The other case might be that you have tunneled the VPN completely through the firewall and let it terminate on the server itself.
> In this case the firewall has NO effect on the connections traveling through the VPN.
>
> 2) - Addresses. This is probably your issue, but I don't know for sure.
> (Again assuming an event type 'response' from the server. The server has to know where to send the event. (This is not a reply
> at the TCP/IP level, but instead a separate outbound connection.) The problem may be in how the client system is presenting its
> address to the server. In other words the client could be telling the server it actual LAN address (the address associated with
> its NIC) instead of the address associated with its VPN.
>
> What I don't know is what mechanism remoting uses to 'capture' the address of a client when it will be needed to fire the events.
>
> HTH.
>
>
> On Thu, 18 Aug 2005 07:33:08 -0700, Rich Wood <RichWood@xxxxxxxxxxxxxxxx> wrote:
>
> >My application consists of a client and server that communicate via a Tcp
> >Channel. The client sends requests to the server which then sends data back
> >to the client. It works fine for clients on the LAN but not for clients
> >connected to the LAN through VPN. The clients are able to send requests to
> >the server, but when the server tries to send the data back to the clients,
> >I'm getting timeout errors. I suppose it's possible that it's just really
> >slow through VPN and that given more time it would eventually work. I don't
> >think this is the case since the communication to the server works and since
> >in the same application I'm able to get data from a sql server database
> >through VPN without much of a time lag.
> >
> >It seems to me like a connectivity or firewall problem. However, I'm able to
> >ping the client machine from the server machine and I'm under the (possibly
> >mistaken) impression that when a client makes a VPN connection to a LAN, it
> >has the same access through the firewall as machines on the local LAN. The
> >firewall doesn't block outbound traffic.
> >
> >Any help would be greatly appreciated.
> -------------------------------------------
> Roy Chastain
> KMSYS Worldwide, Inc.
> http://www.kmsys.com
>
.

Relevant Pages

  • Re: VPN clients unable to connect to other resources.
    ... gateway matches the IP of the remote client, and DNS and WINS point to the ... remote (although it takes close to a minute to connect, ... This is just regular Windows VPN, ... VPN server, remote routing and access running on the SBS 2003 server ...
    (microsoft.public.windows.server.sbs)
  • RE: Problems with connectcomputer and active directory
    ... I understand that you would like to join a remote client to the domain. ... If you have hardware VPN tunnel setup using Linksys or others, ... In this scenario you have to configure the SBS Server computer to enable ... Create a VPN connection to ISA/RRAS on the Internet ...
    (microsoft.public.windows.server.sbs)
  • RE: Remote connectivity problems
    ... do you mean you have added a remote client to SBS ... If you have hardware VPN tunnel setup using Linksys or others, ... In this scenario you have to configure the SBS Server computer to enable ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN clients unable to connect to other resources.
    ... Are you saying that an XP Home PC wouldn't be able to connect to a server share over VPN? ... Can ping the SBS but not the client PCs on the same network. ... gateway matches the IP of the remote client, ...
    (microsoft.public.windows.server.sbs)
  • RE: VPN error 800
    ... I had already done all the testing from the inside of the firewall you ... I narrowed down the problem to the hardware router the client location, ... tried to connect to the server with VPN and it succeded! ...
    (microsoft.public.windows.server.sbs)