Re: 2003 SP1 RRAS problem

Sorry Jeff, I do not have the answer for you, however maybe this will help as
you have exactly the problem as me with SP1. I posted this issue back on
April 11th in ‘Windows Server Networking’ as ‘RRAS/VPN Win 2003 SP1’. As you
can see I got lots of responses from people with the same problem! But no
answers…

In the following set-up, both RRAS SP1 servers can ping ALL computers (local
and remotes clients and the remote RRAS SP1 server). However, local clients
can only ping all local computers.

Client1 XP Pro
LAN IP Address 192.168.1.50/24 (fixed)
Static route 192.168.2.0 mask 255.255.255.0 192.168.1.1
I
LAN1
I
RRAS1 Win2k3SP1
Internet IP Address aaa.bbb.ccc.ddd (fixed)
LAN IP Address 192.168.1.1/24 (fixed)
Static route to remote LAN set in RRAS
Address pool for remotes 192.168.1.201 to 250 set in RRAS
I
I
Internet
I
I
RRAS2 Win2k3SP1
Internet IP Address eee.fff.ggg.hhh (fixed)
LAN IP Address 192.168.2.1/24 (fixed)
Static route to remote LAN set in RRAS
Address pool for remotes 192.168.2.201 to 250 set in RRAS
I
LAN2
I
Client2 XP Pro
LAN IP Address 192.168.2.50/24 (fixed)
Static route 192.168.1.0 mask 255.255.255.0 192.168.2.1


Note: The situation is just the same if you replace the LANs (and the
‘Internet’) with simple cross over cables (as a test set-up). This removes
any routers, switches and hubs, so it proves it’s not the MTU issue
(KB898060) nor is it IPNAT.SYS problem (KB897651) Microsoft emailed me the
updated ipnat.sys but it made no difference.

I have discovered (with Network Monitor) that the packets travel as follows:
-

>From Client - OK
In to the local RRAS server LAN NIC - OK
Out of the local RRAS server Internet NIC (in tunnel) - OK
In to the remote RRAS server Internet NIC (in tunnel) - OK
Then nothing on the remote RRAS server LAN NIC !!!
Same in both directions

These are clean installations of Win2k3 SP1 with RRAS, no firewalls at all,
no virus checkers, nothing to get in the way.

Take off SP1 and it’s fine!

Please keep me (all of us) informed, when you have time. Regards shudson

.

Relevant Pages

  • Re: Internal adaptor IP address
    ... The process with DHCP isn't quite as you suggest. ... still get their network config from RRAS, ... better option to control the config of the remote clients. ... server to a private LAN. ...
    (microsoft.public.win2000.ras_routing)
  • Re: 2003 SP1 RRAS problem
    ... I just had an all out war with Sp1 and my DC it got to the point where I ... Loss of DNS after 2 days and restarting the server would hang for a good ... > and remotes clients and the remote RRAS SP1 server). ... > LAN IP Address 192.168.1.50/24 ...
    (microsoft.public.win2000.ras_routing)
  • Re: 2003 SP1 RRAS problem
    ... > and remotes clients and the remote RRAS SP1 server). ... > LAN IP Address 192.168.1.50/24 ... > Out of the local RRAS server Internet NIC - OK ...
    (microsoft.public.win2000.ras_routing)
  • Re: Secure Remote access - windows 2003
    ... RRAS and the ... is there any additional IPSEC/L2TP config to be done other than you have ... accessible to these remote users for file copy. ... This is only suitable for access by known machines, not for internet café ...
    (Focus-Microsoft)
  • Re: Unknown Network Attack
    ... But not routing and remote access (RRAS). ... I enabled the Windows Firewall and poked holes for HTTP, FTP, ... >> on the FTP service just fine using Internet Explorer's FTP service, ...
    (microsoft.public.windows.server.networking)