Re: VPN partially works

From: Millie (anonymous_at_discussions.microsoft.com)
Date: 07/15/04 

Date: Thu, 15 Jul 2004 08:30:20 -0700

I'm not very experienced with VPNs and have a limited
knowledge of the subject matter and terminology.

Our hardware firewall has an external IP address. The
firewall ports are mapped as follows: port 25 for smtp is
mapped to internal IP #2 (domain controller), port 1723
for vpn is mapped to internal IP #2 (domain controller),
etc.

Yes, the branch office can successfully access their email.

The branch office can't use Windows Explorer to map a
drive to the member server.

My understanding is that if VPN is configured correctly,
once the VPN session is established that the remote client
will be able to access email on the domain controller and
data (spreadsheets, word documents, etc) on the member
server. But in our case, the remote client can only access
email on the domain controller and not access data on the
member server.

Thank you,
Millie

>-----Original Message-----
>"Millie" <anonymous@discussions.microsoft.com> wrote in
message
>news:2db8b01c46a17$8b7577e0$a301280a@phx.gbl...
>
>> -port 25 forwards to internal IP #2 (domain controller)
>> -port 443 forwards to internal IP #2 (domain controller)
>> -port 1723 forwards to internal IP #2 (domain
controller)
>> -port 81 forwards to internal IP #3 (member server)
>
>I know it can be annoying,...but we need to clarify
termiology to make sure
>we are on the "same page" together.
>
>Above, the "ports" aren't being forwarded. The IP# are
being forwarded. Port
>forwarding is when the ports on IP#1 and IP#2 are not the
same port#.
>
>> The branch office use a dialup network connection to
>> establish a PPTP VPN connection, and then open their
>> Outlook XP to access their email that is stored on the
>> domain controller.
>
>I assume you mean that this part works?
>
>> With the VPN up, the branch office can't see the member
>> server to access the intranet documents. I have had to
>> create an Internet icon on each computer with the
>> URL "http://external ip:81/directory name" in order for
>> the branch office to access the intranet documents.
>
>Let's use accuart terminology or we will never know what
each other means.
>What do you actually mean by "branch office can't see the
member server"?
>How are they attempting to do it? Network browsing?
Internet Explorer
>combined with a intranet website? Are they using machine
names?, FQDNs?,
>IP#s? Your example is a HTTP URL using the IP# on a non-
standard port, this
>would imply the use of an internal website to gather
these "intranet
>documents".
>
>> I can't figure out how to get the VPN connection to see
>> both the domain controller and the member server.
>
>Well VPN is just a encapsulated TCP/IP link,.... it
doesn't "see" anything.
>Can you explain what you mean by that?
>
>--
>
>Phillip Windell [MCP, MVP, CCNA]
>www.wandtv.com
>
>
>.
>