Re: 2003 SP1 RRAS problem

Thanks for the reply, it is good to know that I am not the only one with this
problem.

> Sorry Jeff, I do not have the answer for you, however maybe this will help as
> you have exactly the problem as me with SP1. I posted this issue back on
> April 11th in ‘Windows Server Networking’ as ‘RRAS/VPN Win 2003 SP1’. As you
> can see I got lots of responses from people with the same problem! But no
> answers…
>
> In the following set-up, both RRAS SP1 servers can ping ALL computers (local
> and remotes clients and the remote RRAS SP1 server). However, local clients
> can only ping all local computers.
>
> Client1 XP Pro
> LAN IP Address 192.168.1.50/24 (fixed)
> Static route 192.168.2.0 mask 255.255.255.0 192.168.1.1
> I
> LAN1
> I
> RRAS1 Win2k3SP1
> Internet IP Address aaa.bbb.ccc.ddd (fixed)
> LAN IP Address 192.168.1.1/24 (fixed)
> Static route to remote LAN set in RRAS
> Address pool for remotes 192.168.1.201 to 250 set in RRAS
> I
> I
> Internet
> I
> I
> RRAS2 Win2k3SP1
> Internet IP Address eee.fff.ggg.hhh (fixed)
> LAN IP Address 192.168.2.1/24 (fixed)
> Static route to remote LAN set in RRAS
> Address pool for remotes 192.168.2.201 to 250 set in RRAS
> I
> LAN2
> I
> Client2 XP Pro
> LAN IP Address 192.168.2.50/24 (fixed)
> Static route 192.168.1.0 mask 255.255.255.0 192.168.2.1
>
>
> Note: The situation is just the same if you replace the LANs (and the
> ‘Internet’) with simple cross over cables (as a test set-up). This removes
> any routers, switches and hubs, so it proves it’s not the MTU issue
> (KB898060) nor is it IPNAT.SYS problem (KB897651) Microsoft emailed me the
> updated ipnat.sys but it made no difference.
>
> I have discovered (with Network Monitor) that the packets travel as follows:
> -
>
> From Client - OK
> In to the local RRAS server LAN NIC - OK
> Out of the local RRAS server Internet NIC (in tunnel) - OK
> In to the remote RRAS server Internet NIC (in tunnel) - OK
> Then nothing on the remote RRAS server LAN NIC !!!
> Same in both directions
>
> These are clean installations of Win2k3 SP1 with RRAS, no firewalls at all,
> no virus checkers, nothing to get in the way.
>
> Take off SP1 and it’s fine!
>
> Please keep me (all of us) informed, when you have time. Regards shudson
>
.

Relevant Pages

  • Re: RRAS VPN &NAT
    ... getting IP addresses in the same IP subnet as the LAN machines? ... The RRAS server acts as a proxy for the remotes on ... Note that if you want to use names rather than IP addresses, the remote ... clients may need extra info to resolve names of LAN machines. ...
    (microsoft.public.windows.server.networking)
  • Re: Internal adaptor IP address
    ... The process with DHCP isn't quite as you suggest. ... still get their network config from RRAS, ... better option to control the config of the remote clients. ... server to a private LAN. ...
    (microsoft.public.win2000.ras_routing)
  • Re: 2003 SP1 RRAS problem
    ... both RRAS SP1 servers can ping ALL computers (local ... LAN IP Address 192.168.1.50/24 ... Static route to remote LAN set in RRAS ...
    (microsoft.public.win2000.ras_routing)
  • Re: Set up IPsec...
    ... > you have it configured on a rras server, then it could filter just lan and ... > ipsec filter will be processed according to the policy as the non rras ...
    (microsoft.public.win2000.security)
  • Re: 2003 RRAS config problem
    ... Enable IP routing on the RRAS server. ... Ensure that the LAN machines can route traffic to the remote subnet. ...
    (microsoft.public.win2000.ras_routing)