Re: VPN/Remote Desktop/Internet problem

Tech-Archive recommends: Fix windows errors by optimizing your registry

I basically agree with Bob. The PDC emulator is the worst choice for the
VPN server. The PIX is the best choice. If you must use a Windows server,
don't use the PDC emulator for a remote access server. Even if you use the
other W2k3 for RRAS you may have probems if it is a DNS server or is a
master browser for the LAN. See KB 292822 and 830063 .

Robert L [MS-MVP] wrote:
First of all, it is not recommended to enable RRAS on a DC. Since you
have Cisco PIX, I would use Cisco VPN.

Secondly, I would setup a group policy to restrict TS/RDP users to
access the Internet if they access to the DC. So, do you have group
policy to block internet access?

Can you ping a public IP after RDC to the DC?

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"Newell White" <NewellWhite@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:A7D3D7B8-1589-434C-926E-17894BCDDEE3@xxxxxxxxxxxxxxxx
We have a single subnet LAN, 192.168.1.0, with 2 W2k3 servers
running AD and
DNS/WINS/DCHP. The PDC also hosts our database and RRAS/VPN server.
We have about 40 XP workstations on the LAN, and 10 VPN clients
running XP
or 2000.

VPN client access is configured via the public IP address of our
Cisco Pix
firewall (only route from ADSL connection to the LAN), and they
login to
Remote Desktop on the PDC to access the database and file-shares
only.

The only detectable problem with this set-up is - VPN users can't
access the
Internet from the PDC remote desktop. They get 'cannot find server
or DNS
error' - sounds like a clue!
Can anyone point me to a CLEAR article which explains why this
problem
arises and how it can be solved? I don't want the security and
support
headache of configuring the VPN clients (world-wide) for
split-tunnel to get
Internet from their ISP.

Are there any other potential problems I am ignorant of?

TIA,
--
Newell White


.

Relevant Pages

  • RE: VPN Issue
    ... 317025 You Cannot Connect to the Internet After You Connect to a VPN Server ... | first done with a standard usb broadband modem on XP Professional. ...
    (microsoft.public.windows.server.sbs)
  • Re: Sometimes it works sometimes it doesnt (VPN data issues)
    ... NIC1 "Internet" is set to ... (the IP of the external firewall) and the DNS is set to ... A connection between the VPN server and the VPN client xxx.xxx.xxx.xxx ...
    (microsoft.public.windows.server.networking)
  • RE: VPN Error code 800 HELP!
    ... Can you visit Internet and OWA on SBS server? ... Just one PC get error code 800 connecting VPN connecting to SBS? ...
    (microsoft.public.windows.server.sbs)
  • RE: Sharing VPN client connection
    ... as a VPN server, configure the internal clients to connect the remote ... office by VPN connection and then access to the Internet from the Remote ... Enable internal clients to access the Internet. ... On the server, go to My Network Places, click New Connection Wizard. ...
    (microsoft.public.windows.server.sbs)
  • Re: The OTHER problem with Netgear WGT624 (and probably others)
    ... |>|>Isolated network zone, enforced by router and firewall rules. ... My preferred solution is to put the server behind ... |>| authenticated VPN and blocks all outbound connections. ... |>How does VPN help an office connect to the internet? ...
    (alt.internet.wireless)