Re: Network Shares via VPN OK one way, rejected the other way

hmm yeh - it got me thinking, i created a share on the ireland server with
full access permissions for everyone, tried to access it on the uk server,
failed (expected) - then tried the same path on the actual ireland server,
this should work - it didnt...it seems to be a routing issue of sorts, i have
a headache at present so im going to step through this carefully, but i think
im on to something..

as you say that both cards must not share the same subnet, so if i say, set
the external facing nic (ie the one plugged into the router) from
192.168.16.2 to 192.168.18.2 and leave the internal (the one plugged into the
local switch) nic as 192.168.16.1 - it should work?

Vpn is a managed service....


Thanks again for taking the time to look at this :)


"Robert L. (MS-MVP)" wrote:

We have some issue with OSERVER.IRELAND.LOCAL configuration. Is
OSERVER.IRELAND.LOCAL DC? If yes, you may have a name resolution and routing
issue. It is not recommended to run a DC on a multihomed computers.

Both IP addresses should not be in the same ip range.

Which VPN service are you using?

--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"MrOrange" <MrOrange@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:635A80CE-CC9E-4C2F-9CCA-0038C78C698D@xxxxxxxxxxxxxxxx
Sure thing

Server in Ireland :

Ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : OSERVER
Primary Dns Suffix . . . . . . . : ireland.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : ireland.local

Ethernet adapter LAN:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast
Ethernet NIC
Physical Address. . . . . . . . . : 00-xx-xx-xx-xx-xx
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.16.1
Primary WINS Server . . . . . . . : 192.168.16.1

Ethernet adapter WAN:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme 5721 Gigabit
Controller
Physical Address. . . . . . . . . : 00-12-3F-6E-7E-CA
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.16.254
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2
NetBIOS over Tcpip. . . . . . . . : Disabled


Routing table for the same server in Ireland:


IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 xx xx xx xx xx...... Realtek RTL8139 Family PCI Fast
Ethernet
NIC
0x10004 ...00 xx xx xx xx xx...... Broadcom NetXtreme 5721 Gigabit
Controller
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface
Metric
0.0.0.0 0.0.0.0 192.168.16.254 192.168.16.2 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.16.0 255.255.255.0 192.168.16.1 192.168.16.1 20
192.168.16.0 255.255.255.0 192.168.16.2 192.168.16.2 20
192.168.16.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.16.2 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.16.255 255.255.255.255 192.168.16.1 192.168.16.1 20
192.168.16.255 255.255.255.255 192.168.16.2 192.168.16.2 20
224.0.0.0 240.0.0.0 192.168.16.1 192.168.16.1 20
224.0.0.0 240.0.0.0 192.168.16.2 192.168.16.2 20
255.255.255.255 255.255.255.255 192.168.16.1 192.168.16.1 1
255.255.255.255 255.255.255.255 192.168.16.2 192.168.16.2 1
Default Gateway: 192.168.16.254
===========================================================================
Persistent Routes:
None

Tracert from Ireland server to UK server :

Tracing route to asa2.uk.lan [192.168.44.6]
over a maximum of 30 hops:

1 2 ms 2 ms 1 ms 192.168.16.254
2 117 ms 114 ms 115 ms asa2.uk.lan [192.168.44.6]

Trace complete.


ipconfig /all of server in the UK:


Windows IP Configuration

Host Name . . . . . . . . . . . . : asa2
Primary Dns Suffix . . . . . . . : UK.lan
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : UK.lan

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
Connection
Physical Address. . . . . . . . . : 00-XX-XX-XX-XX-XX
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.44.6
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.44.29
DNS Servers . . . . . . . . . . . : 192.168.44.5
192.168.44.8

Route table for UK server:


IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 xx xx xx xx xx ...... Intel(R) PRO/1000 MT Network
Connection
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface
Metric
0.0.0.0 0.0.0.0 192.168.44.29 192.168.44.6 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.44.0 255.255.255.0 192.168.44.6 192.168.44.6 10
192.168.44.6 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.44.255 255.255.255.255 192.168.44.6 192.168.44.6 10
224.0.0.0 240.0.0.0 192.168.44.6 192.168.44.6 10
255.255.255.255 255.255.255.255 192.168.44.6 192.168.44.6 1
Default Gateway: 192.168.44.29
===========================================================================
Persistent Routes:
None



tracert from uk to ireland:



Tracing route to OSERVER.IRELAND.LOCAL [192.168.16.2]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.44.29
2 116 ms 114 ms 115 ms 192.168.16.254
3 115 ms 114 ms 114 ms OSERVER.IRELAND.LOCAL [192.168.16.2]

Trace complete.

Thanks again for looking into this, its most puzzling...


"Robert L. (MS-MVP)" wrote:
We need more information to help. posting the result of ipconfig /all and
touring table on both VPN servers here may help.

--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"MrOrange" <MrOrange@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F1A52966-ECCD-476F-B6CA-2D804098463F@xxxxxxxxxxxxxxxx
Hi There,

I am hoping that someone can help me with this, as i have no more hair
left
to tear out.
Allow me to explain.
We have two sites linked via a vpn tunnel, two different domains, one
site
in the UK and one site in Ireland.

Both sites can ping each others routers and main servers.
RDP works either way

The problem arises when trying to open a network share located in the
Ireland site.

For example, sitting on a machine in the uk, open a run command and
enter
\\192.168.16.2 - after about 30 seconds to a minute i get a error – The
network path was not found.

If i enter a hidden share ie \\192.168.16.2\c$ after about 30 seconds
a
password authentication request box appears asking for credentials.
I enter the domain administrator user name and password (which i know
are
correct as i have performed a rdp to the same machine) and wait – after
about
30 seconds, the authentication requestor is back again.

I have also tried various combinations of the username ie
administrator@xxxxxxxxxxxx mydomain\administrator – etc All result in
a
brief pause then the requestor is back.

Now going from the other direction is a different matter – if i RDP
onto
the
server in Ireland, then open the Run command and put in a ip for a
server
in
the uk – i get another password authentication request, i enter
administrator
and its domain password, after a brief moment, i am presented with the
shares
on that server.








.

Relevant Pages

  • RE: Route added by RRAS that overrides local LAN route on NIC
    ... I am using SBS as the VPN server. ... The route I am speaking of is the route to local LAN that is put in the ... After the RAS client connects there is another route added so the two ...
    (microsoft.public.windows.server.sbs)
  • Re: Use to be able to VPN/RDP. After installing SBS2003, can only VPN
    ... disconnected the VPN since it's a) only showing one IP address for the nic. ... server and it where you are getting VPN authenticated, IP address, DNS ... With our PPTP connection while you were connected the routing table would ... The 1.1.1.1 route is used in order to keep the physical connection for the ...
    (microsoft.public.windows.server.sbs)
  • RE: Connecting to resources over a SBS 2003 VPN
    ... Now the server is on a different IP range the VPN works perfectly. ... i seem to only be able to connect one client at a time ... the system uses route table to route IP traffics. ...
    (microsoft.public.windows.server.sbs)
  • Re: Network Shares via VPN OK one way, rejected the other way
    ... Which VPN service are you using? ... Routing table for the same server in Ireland: ... IPv4 Route Table ...
    (microsoft.public.windowsxp.network_web)
  • Re: problem with VPN running on static IP address
    ... I stand corrected on the second route. ... I can see that my vpn client is connected by looking in the list of clients ... on the server (I can access the server via RDC through the outside ... my client has no connectivity to the vpn server. ...
    (microsoft.public.windows.server.networking)