Re: VPN/Remote Desktop/Internet problem

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: "Robert L [MS-MVP]" <noreply@xxxxxxxxxxx>
Date: Wed, 9 Aug 2006 09:35:19 -0500

First of all, it is not recommended to enable RRAS on a DC. Since you have Cisco PIX, I would use Cisco VPN.

Secondly, I would setup a group policy to restrict TS/RDP users to access the Internet if they access to the DC. So, do you have group policy to block internet access?

Can you ping a public IP after RDC to the DC?

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"Newell White" <NewellWhite@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:A7D3D7B8-1589-434C-926E-17894BCDDEE3@xxxxxxxxxxxxxxxx
We have a single subnet LAN, 192.168.1.0, with 2 W2k3 servers running AD and
DNS/WINS/DCHP. The PDC also hosts our database and RRAS/VPN server.
We have about 40 XP workstations on the LAN, and 10 VPN clients running XP
or 2000.

VPN client access is configured via the public IP address of our Cisco Pix
firewall (only route from ADSL connection to the LAN), and they login to
Remote Desktop on the PDC to access the database and file-shares only.

The only detectable problem with this set-up is - VPN users can't access the
Internet from the PDC remote desktop. They get 'cannot find server or DNS
error' - sounds like a clue!
Can anyone point me to a CLEAR article which explains why this problem
arises and how it can be solved? I don't want the security and support
headache of configuring the VPN clients (world-wide) for split-tunnel to get
Internet from their ISP.

Are there any other potential problems I am ignorant of?

TIA,
--
Newell White

Follow-Ups:
- Re: VPN/Remote Desktop/Internet problem
  - From: Bill Grant

Prev by Date: Re: Wireless networking
Next by Date: Re: Limit bandwidth allocation for RD
Previous by thread: DHCP Server unexplainably quits handing out IP's for a certain time
Next by thread: Re: VPN/Remote Desktop/Internet problem
Index(es):
- Date
- Thread

Relevant Pages

Re: Browsing share on AD slow over VPN
... VPN Clients - No NAT translation from internal IP to VPN client IP address): ... share if I put IP address of server rather than its host name. ... internet, they use their own gateway instead of the remote network gateway. ...
(microsoft.public.windows.server.active_directory)
Re: SBS03 VPN Client Loses Internet Connection when VPN Established
... Since these are all with ISA server...the VPN clients need to either install ... the ISA Firewall client and point it to the SBS server they're VPN'd into, ... Once they are connected over the internet it lets them map ...
(microsoft.public.windows.server.sbs)
RE: VPN
... VPN clients can no longer access internal resources after you install ... After these 2 steps, if VPN clients can't access Internet, I suggest we try ... Microsoft CSS Online Newsgroup Support ...
(microsoft.public.windows.server.sbs)
RE: Missing web services configuration pane
... Please contact the ISP to confirm what the exact connection type is. ... If it's a VPN type, you should have the VPN server side address. ... 825763 How to configure Internet access in Windows Small Business Server ... 241252 VPN Tunnels - PPTP Protocol Packet Description and Use ...
(microsoft.public.windows.server.sbs)
RE: VPN Issue
... 317025 You Cannot Connect to the Internet After You Connect to a VPN Server ... | first done with a standard usb broadband modem on XP Professional. ...
(microsoft.public.windows.server.sbs)