Re: VPN Question
From: Jim Garrett (jimg_comp_at_nospam.yahoo.com)
Date: 07/11/04
- Next message: Mario: "MSFT"
- Previous message: Mario: "Stephanie Doakes (MSFT)"
- In reply to: Merv Porter [SBS-MVP]: "Re: VPN Question"
- Next in thread: Marina Roos [SBS-MVP]: "Re: VPN Question"
- Reply: Marina Roos [SBS-MVP]: "Re: VPN Question"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 11 Jul 2004 08:53:22 -0700
Thanks Merv.
For testing purposes, the laptop I'm using as the VPN client is sitting
between the external and internal routers. The SBS network is behind the
internal router and DHCP is handled by the SBS server. The external router
is doing DHCP and that is where the VPN client initially gets it's IP
address. The IP ranges are as follows:
External: 192.168.1.xxx
Internal SBS: 192.168.2.xxx
The laptop I am using is joined to another domain (lets call that domain A).
The SBS network is domain B.
If I take a machine joined to domain B and connect it to the external router
(IP 192.168.1.xxx), I can VPN in to domain B and access all resources by
name or IP without issue (this includes machines, server, printers, etc.).
When I connect the laptop joined to domain A and connect it to the external
router (IP 192.168.1.xxx) and then VPN in to domain B, the connection is
successful but I cannot access any resources either by name or IP. This
includes the SBS server. When I ping the server by IP, the request times
out. By name, it cannot be found.
Other potentially helpful information:
Both routers are doing firewall and NAT. The external router is connected to
the internet via cable modem. The internal router is getting it's IP from
the external router but DHCP is handled by the SBS server.
-- Jim "Merv Porter [SBS-MVP]" <mwport@no_spam_hotmail.com> wrote in message news:ufdRaguZEHA.1048@tk2msftngp13.phx.gbl... > Hi Jim: > > Maybe I'm not reading your replies correctly, but I'm not sure I see where > you've answered David's question... Is the IP address range on your network > the same as that of your client's network. If you're internal network (LAN) > is 192.168.2.x and your client's LAN is 192.168.2.x, you're going to have a > problem with VPN. Likewise, if both networks have routers that use the same > IP range, you may have some problems, depending on what you need to do. > > If you're doing administrive tasks, then you need access to the SBS server. > After you establish a VPN, create an RDC session to the SBS. From there, > you can create other RDC sessions to WinXP Pro workstations or fire up > something like Netmeeting or VNC to administer workstations with earlier > OS's. Of course, the workstations will need to be configured for whatever > method of remote control you choose to use. > > -- > Merv Porter [SBS MVP] > =================================== > "Jim Garrett" <jimg_comp@nospam.yahoo.com> wrote in message > news:u$kx9UuZEHA.2816@TK2MSFTNGP11.phx.gbl... > > I've discovered the problem and I'm wondering if there is a way around > this. > > > > I have a domain of my own and my machine is joined to it. I've set up an > SBS > > 2k3 network for a customer and I want to be able to VPN in to that network > > for administrative tasks. > > > > For the problem that I originally posted, I cannot access resources on the > > network because my machine is joined to my network and not the network I'm > > creating the VPN connection to. A machine joined to the domain, put > outside > > the network and VPN in and access resources without a problem. > > > > Is there a way to VPN from a machine joined to another domain and still > > access resources? > > > > Thanks, > > > > Jim > > "Jim Garrett" <jimg_comp@nospam.yahoo.com> wrote in message > > news:OUt$yFkZEHA.2944@TK2MSFTNGP11.phx.gbl... > > > David, > > > > > > Thanks for the reply. > > > > > > The external router is giving addresses in the 192.168.1.xxx range and > the > > > SBS server is giving addresses in the 192.168.2.xxx range so they are > > > different. > > > > > > As far as accessing resources, after making the VPN connection, I have > > > tried > > > the following: > > > > > >> Ping the server by name: Ping request could not find host. > > >> Ping server by IP: Request timed out. 100% packet loss > > >> Browse a network share: Windows cannot find '\\share'. Check spelling > and > > > try again. > > > > > > On the server, if I open the Routing and Remote Access console, I can > see > > > the active connection. I also ran a netmon. I see a successful hand > shake > > > but the trace of a ping simply shows it hitting my router. I think the > > > router is the issue (it's a Netgear FVS318) and will try some other > stuff > > > to > > > test. > > > > > > Any suggestions? > > > -- > > > Jim > > > > > > > > > > > > "David Jones [MSFT]" <dajones@online.microsoft.com> wrote in message > > > news:OOi4r5cZEHA.1000@TK2MSFTNGP12.phx.gbl... > > >> Hi Jim, > > >> > > >> On the LAN this client is on (before connecting the VPN), does it use > the > > >> same IP subnet that the SBS server uses for it's internal network? If > > >> so, > > >> you'll need to change one of the two before this will work. > > >> For example, if your client gets a 192.168.0.xxx address from its > router > > >> before connecting the VPN, and SBS also uses 192.168.0.xxx for it's > > > internal > > >> network, this will cause the problems you're experiencing. > > >> > > >> If those are different, and you're still having this problem, could you > > > walk > > >> us through step by step how you attempt to access the resources, and > what > > >> (if any) error messages you get back along the way? > > >> > > >> Thanks for posting! > > >> > > >> David Jones > > >> SBS Product Team > > >> > > >> -- > > >> This posting is provided "AS IS" with no warranties, and confers no > > > rights. > > >> > > >> > > >> "Jim Garrett" <jimg_comp@nospam.yahoo.com> wrote in message > > >> news:e7U7WsbZEHA.2408@tk2msftngp13.phx.gbl... > > >> > Hello, > > >> > > > >> > I'm new to SBS 2003 and to this group so thanks in advance for any > > >> > assistance. > > >> > > > >> > I'm trying to work out a VPN issue. Because of my particular > > >> > situation, I'm not able to use the SBS connection manager but > > >> > instead I'm creating a manual VPN connection in Windows XP. I can > > >> > connect and get authenticated but cannot access any resources on the > > >> > network. My VPN machine is getting one of the remote access reserved > > >> > IP addresses but the subnet is 255.255.255.255 instead of > > >> > 255.255.255.0 and the default gateway is set to the local machines > > >> > IP address assigned by the VPN connection. > > >> > > > >> > More detail on the setup: > > >> > > > >> > > Wireless router connected to the internet > > >> > > Wireless VPN client (laptop) > > >> > > Router in front of internal network > > >> > > SBS Server & other network machines/devices > > >> > > > >> > I'm using the IP address of the internal router for the VPN > > >> > connection which forwards to the SBS server. Like I said, I get > > >> > authenticated and can see that I have an active session on the SBS > > >> > server but cannot access any internal resources. > > >> > > > >> > Also, the laptop machine itself is not joined to the internal domain. > > >> > It > > >> is > > >> > actually joined to another domain. I notice that when testing this > > > inside > > >> > the network (from an internal machine), the status box states > > > "Registering > > >> > your computer on the network". The laptop does not say that. > > >> > > > >> > Ideas? > > >> > > > >> > Thanks! > > >> > > > >> > Jim > > >> > > > >> > > > >> > > >> > > > > > > > > > > > >
- Next message: Mario: "MSFT"
- Previous message: Mario: "Stephanie Doakes (MSFT)"
- In reply to: Merv Porter [SBS-MVP]: "Re: VPN Question"
- Next in thread: Marina Roos [SBS-MVP]: "Re: VPN Question"
- Reply: Marina Roos [SBS-MVP]: "Re: VPN Question"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
