Re: RRAS, VPN, Terminal Server (TS)

Howdy Bill, and thanks once again for your response. Fortunately, I've
resolved the IP address/DNS resolution problem after dialin, but have run
into another little bug.

I am now receiving the following error whenever I try to open the Domain
Controller Security Policy admin tool.

"Failed to open the Group Policy Object. You may not have appropriate rights."

It also indicates, "An invalid dn syntax has been specified."

Do you have any ideas as to why this is occuring?

Thanks again,

Binarysupport.

"Bill Grant" wrote:

> 1. The default gateway setting is correct. The default gateway is the
> "received" IP address, which means non-local traffic is sent across the
> point-to-point connection to the RRAS server. If you want to change this so
> that you keep your current default gateway and only send 192.168.1. traffic
> over the VPN link, you need to clear the "Use default gateway.." entry in
> the VPN connection properties. For more detail see KB 254231 .
>
> 2. If you have left things at the default setting, the RRAS server will
> lease a batch of IP addresses from DHCP and use those for the VPN. It gives
> one to itself for the "internal" interface and one to each client as
> required.
>
> 3. Your firewall could be blocking access to the 192.168.1.0 subnet.
>
> binarysupport wrote:
> > Howdy Bill and thanks for the reply.
> >
> > I am able to make the connection and clicking on the icon in the
> > system tray confirms this. However, after connecting I am unable to
> > ping anything on the network of the VPN server - not even the VPN
> > server itself (by name or ip address). Here is the IP address
> > assignment provided through DHCP:
> >
> > Microsoft Windows XP [Version 5.1.2600]
> > (C) Copyright 1985-2001 Microsoft Corp.
> >
> > C:\Documents and Settings\username>ipconfig /all
> >
> > Windows IP Configuration
> >
> > Host Name . . . . . . . . . . . . : PERDIDO02
> > Primary Dns Suffix . . . . . . . :
> > Node Type . . . . . . . . . . . . : Hybrid
> > IP Routing Enabled. . . . . . . . : No
> > WINS Proxy Enabled. . . . . . . . : No
> > DNS Suffix Search List. . . . . . : (domainname).com
> >
> > Ethernet adapter Local Area Connection:
> >
> > Media State . . . . . . . . . . . : Media disconnected
> > Description . . . . . . . . . . . : Realtek RTL8139 C+ Fast
> > Ethernet NIC
> >
> > Physical Address. . . . . . . . . : 00-08-02-F3-BD-FE
> >
> > PPP adapter NationalAccess - BroadbandAccess:
> >
> > Connection-specific DNS Suffix . :
> > Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
> > Physical Address. . . . . . . . . : 00-53-45-00-00-00
> > Dhcp Enabled. . . . . . . . . . . : No
> > IP Address. . . . . . . . . . . . : 70.197.103.122
> > Subnet Mask . . . . . . . . . . . : 255.255.255.255
> > Default Gateway . . . . . . . . . : 70.197.103.122
> > DNS Servers . . . . . . . . . . . : 66.174.3.7
> > 66.174.6.7
> > NetBIOS over Tcpip. . . . . . . . : Disabled
> >
> > PPP adapter Blair's Bail Bonds VPN:
> >
> > Connection-specific DNS Suffix . : blairsbailbonds.com
> > Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
> > Physical Address. . . . . . . . . : 00-53-45-00-00-00
> > Dhcp Enabled. . . . . . . . . . . : No
> > IP Address. . . . . . . . . . . . : 192.168.1.19
> > Subnet Mask . . . . . . . . . . . : 255.255.255.255
> > Default Gateway . . . . . . . . . : 192.168.1.19
> > DNS Servers . . . . . . . . . . . : 192.168.1.3
> > 205.152.132.23
> > 205.152.37.23
> >
> > One thing I must admit that I don't understand is why the default
> > gateway is the same as the host ip address of the vpn client.
> > Shouldn't this be set to the default gateway address of the router on
> > the network to which I am connecting via VPN? Now, as I've stated
> > before, if I physically connect to the network locally (the very same
> > one to which I'm trying to VPN) I'm able to ping everything, and use
> > all available services on the network. It is only when I VPN that I
> > can't ping or use any of the services on the network.
> >
> > Also, when I check the leases on the DHCP server I don't see anything
> > for the VPN client when it is connected. How is it getting an IP
> > address and from where? Is it obtaining the address from RRAS or
> > from the DHCP service?
> >
> > Again, thanks for you reply,
> >
> > Binarysupport
> >
> > "Bill Grant" wrote:
> >
> >> VPN is just a point-to-point connection like RAS.When you are
> >> connected, click the icon on the taskbar and look at the properties
> >> of the connection.
> >>
> >> You should be able to ping the server by this IP (it is just the
> >> other end of the point-to-point). Whether you can ping anything
> >> beyond that depends on how you set it up. If the client gets an IP
> >> in the same subnet as the LAN machines, you should be able to ping
> >> them by IP address. (The RRAS server acts a a proxy for the remote
> >> client).
> >>
> >> Whether you can ping by name depends on whether the remote
> >> client has the correct DNS server address and is using the correct
> >> DNS suffix.
> >>
> >> binarysupport wrote:
> >>> Howdy All,
> >>>
> >>> I'm having a problem with RRAS, VPN and TS. Basically the problem
> >>> is that I can connect remotely to the VPN server (incidentall the
> >>> VPN Server, DHCP Server, DNS Server, and TS are all one and the
> >>> same), but I cannot access anything on the remote network once I've
> >>> connected. The LAN to which I'm connecting is setup as follows:
> >>>
> >>> DSL Router 192.168.1.1
> >>> FS1: 192.168.1.3
> >>> DHCP: 192.168.1.3
> >>> DNS: 192.168.1.3
> >>> VPN: 192.168.1.3
> >>> TS: 192.168.13
> >>>
> >>> FS1/DHCP/DNS/VPN--->Switch--->Router--->INTERNET<---VPN Client
> >>> Workstation1--------------^
> >>> Workstation2--------------^
> >>>
> >>> Now, I know what you will probably say first "That's too much on one
> >>> server!" And, yes you are right, but considering my financial
> >>> constraints I have no other choice - besides it should still work.
> >>> I just haven't setup one up in a while so I'm a little rusty and I'm
> >>> probably stepping all over the answer.
> >>>
> >>> Locally I can ping everything on the network from a workstation.
> >>> Therefore, I guess that means DNS and DHCP is working fine. I can
> >>> even logon to the TS and run any application.
> >>>
> >>> But, once I take out my laptop, dial up my ISP, connect to the VPN
> >>> server over the dial up connection, and then connect, I am not able
> >>> to ping FS1, the router, or anything else. I also cannot connect to
> >>> and run anything on the TS. What is the problem. Any and all help
> >>> will be greatly appreciate.
> >>>
> >>> Thanks in advance.
>
>
>
.

Relevant Pages

  • RE: VPN issue on SBS2003
    ... I understand that you encountered VPN connection issue when you use VPN to ... Internet clients or VPN to external VPN Server from SBS Client computers? ... Configure E-mail and Internet Connection Wizard ... Total GRE packets sent = 1 ...
    (microsoft.public.windows.server.sbs)
  • RE: PPTP VPN connection problems
    ... The problem is that the VPN does not disconnect. ... However after some idle period I can not send packets across the connection. ... A ping to the server would result in "Request timed out". ... If I connect with the VPN client locally to the internet ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN Ports to Open
    ... the VPN connection after you change the firewall before SBS. ... On the server, please stop the Routing and Remote Access service. ... Total GRE packets sent = 1 ...
    (microsoft.public.windows.server.sbs)
  • Re: Windows 2003 VPN Default Gateway Issues
    ... Ethernet adapter Local Area Connection: ... If the VPN server is configured to use a static IP address ... the default gateway on the client is not the problem. ...
    (microsoft.public.windows.server.networking)
  • RE: VPN Connectivity issues through LAN
    ... I understand that you cannot ping SBS after ... you can establish VPN connection from the remote LAN. ... You have to rerun the CEICW to make sure your SBS 2003 server have right ...
    (microsoft.public.windows.server.sbs)
Loading