Re: RRAS, VPN, Terminal Server (TS)
- From: "Bill Grant" <not.available@online>
- Date: Thu, 6 Oct 2005 15:40:31 +1000
As I said originally, a VPN is just an IP connection. It is not the same
as a LAN connection. And it is not a domain login! If you want to log into
the domain,use the "login using a dialup connection" option in the login
dialog box.
binarysupport wrote:
> Howdy Bill, and thanks once again for your response. Fortunately,
> I've resolved the IP address/DNS resolution problem after dialin, but
> have run into another little bug.
>
> I am now receiving the following error whenever I try to open the
> Domain Controller Security Policy admin tool.
>
> "Failed to open the Group Policy Object. You may not have appropriate
> rights."
>
> It also indicates, "An invalid dn syntax has been specified."
>
> Do you have any ideas as to why this is occuring?
>
> Thanks again,
>
> Binarysupport.
>
> "Bill Grant" wrote:
>
>> 1. The default gateway setting is correct. The default gateway is the
>> "received" IP address, which means non-local traffic is sent across
>> the point-to-point connection to the RRAS server. If you want to
>> change this so that you keep your current default gateway and only
>> send 192.168.1. traffic over the VPN link, you need to clear the
>> "Use default gateway.." entry in the VPN connection properties. For
>> more detail see KB 254231 .
>>
>> 2. If you have left things at the default setting, the RRAS server
>> will lease a batch of IP addresses from DHCP and use those for the
>> VPN. It gives one to itself for the "internal" interface and one to
>> each client as required.
>>
>> 3. Your firewall could be blocking access to the 192.168.1.0 subnet.
>>
>> binarysupport wrote:
>>> Howdy Bill and thanks for the reply.
>>>
>>> I am able to make the connection and clicking on the icon in the
>>> system tray confirms this. However, after connecting I am unable to
>>> ping anything on the network of the VPN server - not even the VPN
>>> server itself (by name or ip address). Here is the IP address
>>> assignment provided through DHCP:
>>>
>>> Microsoft Windows XP [Version 5.1.2600]
>>> (C) Copyright 1985-2001 Microsoft Corp.
>>>
>>> C:\Documents and Settings\username>ipconfig /all
>>>
>>> Windows IP Configuration
>>>
>>> Host Name . . . . . . . . . . . . : PERDIDO02
>>> Primary Dns Suffix . . . . . . . :
>>> Node Type . . . . . . . . . . . . : Hybrid
>>> IP Routing Enabled. . . . . . . . : No
>>> WINS Proxy Enabled. . . . . . . . : No
>>> DNS Suffix Search List. . . . . . : (domainname).com
>>>
>>> Ethernet adapter Local Area Connection:
>>>
>>> Media State . . . . . . . . . . . : Media disconnected
>>> Description . . . . . . . . . . . : Realtek RTL8139 C+ Fast
>>> Ethernet NIC
>>>
>>> Physical Address. . . . . . . . . : 00-08-02-F3-BD-FE
>>>
>>> PPP adapter NationalAccess - BroadbandAccess:
>>>
>>> Connection-specific DNS Suffix . :
>>> Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
>>> Physical Address. . . . . . . . . : 00-53-45-00-00-00
>>> Dhcp Enabled. . . . . . . . . . . : No
>>> IP Address. . . . . . . . . . . . : 70.197.103.122
>>> Subnet Mask . . . . . . . . . . . : 255.255.255.255
>>> Default Gateway . . . . . . . . . : 70.197.103.122
>>> DNS Servers . . . . . . . . . . . : 66.174.3.7
>>> 66.174.6.7
>>> NetBIOS over Tcpip. . . . . . . . : Disabled
>>>
>>> PPP adapter Blair's Bail Bonds VPN:
>>>
>>> Connection-specific DNS Suffix . : blairsbailbonds.com
>>> Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
>>> Physical Address. . . . . . . . . : 00-53-45-00-00-00
>>> Dhcp Enabled. . . . . . . . . . . : No
>>> IP Address. . . . . . . . . . . . : 192.168.1.19
>>> Subnet Mask . . . . . . . . . . . : 255.255.255.255
>>> Default Gateway . . . . . . . . . : 192.168.1.19
>>> DNS Servers . . . . . . . . . . . : 192.168.1.3
>>> 205.152.132.23
>>> 205.152.37.23
>>>
>>> One thing I must admit that I don't understand is why the default
>>> gateway is the same as the host ip address of the vpn client.
>>> Shouldn't this be set to the default gateway address of the router
>>> on the network to which I am connecting via VPN? Now, as I've
>>> stated before, if I physically connect to the network locally (the
>>> very same one to which I'm trying to VPN) I'm able to ping
>>> everything, and use all available services on the network. It is
>>> only when I VPN that I can't ping or use any of the services on the
>>> network.
>>>
>>> Also, when I check the leases on the DHCP server I don't see
>>> anything for the VPN client when it is connected. How is it
>>> getting an IP address and from where? Is it obtaining the address
>>> from RRAS or from the DHCP service?
>>>
>>> Again, thanks for you reply,
>>>
>>> Binarysupport
>>>
>>> "Bill Grant" wrote:
>>>
>>>> VPN is just a point-to-point connection like RAS.When you are
>>>> connected, click the icon on the taskbar and look at the properties
>>>> of the connection.
>>>>
>>>> You should be able to ping the server by this IP (it is just
>>>> the other end of the point-to-point). Whether you can ping anything
>>>> beyond that depends on how you set it up. If the client gets an IP
>>>> in the same subnet as the LAN machines, you should be able to ping
>>>> them by IP address. (The RRAS server acts a a proxy for the remote
>>>> client).
>>>>
>>>> Whether you can ping by name depends on whether the remote
>>>> client has the correct DNS server address and is using the correct
>>>> DNS suffix.
>>>>
>>>> binarysupport wrote:
>>>>> Howdy All,
>>>>>
>>>>> I'm having a problem with RRAS, VPN and TS. Basically the problem
>>>>> is that I can connect remotely to the VPN server (incidentall the
>>>>> VPN Server, DHCP Server, DNS Server, and TS are all one and the
>>>>> same), but I cannot access anything on the remote network once
>>>>> I've connected. The LAN to which I'm connecting is setup as
>>>>> follows:
>>>>>
>>>>> DSL Router 192.168.1.1
>>>>> FS1: 192.168.1.3
>>>>> DHCP: 192.168.1.3
>>>>> DNS: 192.168.1.3
>>>>> VPN: 192.168.1.3
>>>>> TS: 192.168.13
>>>>>
>>>>> FS1/DHCP/DNS/VPN--->Switch--->Router--->INTERNET<---VPN Client
>>>>> Workstation1--------------^
>>>>> Workstation2--------------^
>>>>>
>>>>> Now, I know what you will probably say first "That's too much on
>>>>> one server!" And, yes you are right, but considering my financial
>>>>> constraints I have no other choice - besides it should still work.
>>>>> I just haven't setup one up in a while so I'm a little rusty and
>>>>> I'm probably stepping all over the answer.
>>>>>
>>>>> Locally I can ping everything on the network from a workstation.
>>>>> Therefore, I guess that means DNS and DHCP is working fine. I can
>>>>> even logon to the TS and run any application.
>>>>>
>>>>> But, once I take out my laptop, dial up my ISP, connect to the VPN
>>>>> server over the dial up connection, and then connect, I am not
>>>>> able to ping FS1, the router, or anything else. I also cannot
>>>>> connect to and run anything on the TS. What is the problem. Any
>>>>> and all help will be greatly appreciate.
>>>>>
>>>>> Thanks in advance.
.
- References:
- Re: RRAS, VPN, Terminal Server (TS)
- From: Bill Grant
- Re: RRAS, VPN, Terminal Server (TS)
- From: binarysupport
- Re: RRAS, VPN, Terminal Server (TS)
- From: Bill Grant
- Re: RRAS, VPN, Terminal Server (TS)
- From: binarysupport
- Re: RRAS, VPN, Terminal Server (TS)
- Prev by Date: Re: RRAS, VPN, Terminal Server (TS)
- Next by Date: Re: VPN Error 721
- Previous by thread: Re: RRAS, VPN, Terminal Server (TS)
- Next by thread: Re: Clients Can't See Remote Server Through RAS
- Index(es):
Relevant Pages
|
