Re: SBS2003, Sharepoint, VPN (and dialup) question

From: Eric Sun [MSFT] (v-ericsu_at_online.microsoft.com)
Date: 12/09/04

• Next message: Gus: "Re: CPU recommendation"
• Previous message: Gus: "Re: Still A Open Relay"
• In reply to: Vic Russell: "Re: SBS2003, Sharepoint, VPN (and dialup) question"
• Next in thread: Vic Russell: "Re: SBS2003, Sharepoint, VPN (and dialup) question"
• Reply: Vic Russell: "Re: SBS2003, Sharepoint, VPN (and dialup) question"
• Messages sorted by: [ date ] [ thread ]

Date: Thu, 09 Dec 2004 07:55:37 GMT

Hi Vic,

As a default Microsoft VPN connection, after the client establish the connection with SBS server, the default
gateway on this client will be set to this VPN connection. So, the DNS configuration on the VPN connection will be
used. In other words, the client will use SBS DNS service. Furthermore, since the default gateway is set to VPN
connection, even the internet access will go through the VPN connection.

For your scenario, I think you need to set the remote SBS server DNS as main DNS server. For automatically
configure it at Symantec VPN, I would suggest you to consult Symantec directly. Thanks for your understanding.

Hope that helps.

Best Regards,

Eric Sun,
MCSE2000 / MSCA / MCDBA
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security

=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights
--------------------
| From: "Vic Russell" <nospam@nospam.com>
| References: <#hHRjl22EHA.1192@tk2msftngp13.phx.gbl> <enagdN32EHA.3336@TK2MSFTNGP11.phx.gbl>
<JaJR8f32EHA.768@cpmsftngxa10.phx.gbl> <eNMsL162EHA.2316@TK2MSFTNGP15.phx.gbl> <VwZWZ7C3EHA.3744
@cpmsftngxa10.phx.gbl>
| Subject: Re: SBS2003, Sharepoint, VPN (and dialup) question
| Date: Wed, 8 Dec 2004 09:01:43 -0000
| Lines: 283
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| X-RFC2646: Format=Flowed; Original
| Message-ID: <e3hc1RQ3EHA.1152@TK2MSFTNGP14.phx.gbl>
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: host217-34-121-226.in-addr.btopenworld.com 217.34.121.226
| Path: cpmsftngxa10.phx.gbl!TK2MSFTNGXA03.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP14.phx.gbl
| Xref: cpmsftngxa10.phx.gbl microsoft.public.windows.server.sbs:128195
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Hi, Eric,
|
| I have found that I can connect to Sharepoint (companyweb) fine over a VPN
| (Symantec one) without using the Microsoft VPN connection over the top (or
| under the bottom as tunnels would imply). HOWEVER, only if I put my target
| systems DNS server into the TCP/IP settings in the connection settings (in
| my case a WiFi). Usually these are set to automatic and the PC gets its DNS
| via the WiFi unit. This is waht we want when just connecting to the Internet
| but it would seem we need the target systems DNS server (the company web
| one) for Sharepoint. I cannot see how to combine the two. I can't have
| users switching their DNS settings by hand each time they want to connect to
| an internet web site or the internal companyweb site.
|
| I'm not sure if this problem is in the scope of this newsgroup but it seems
| to follow on from what we were discussing before. Thanks also for all the
| Microsoft VPN information.
|
| Kind regards,
|
| Vic.
| ""Eric Sun [MSFT]"" <v-ericsu@online.microsoft.com> wrote in message
| news:VwZWZ7C3EHA.3744@cpmsftngxa10.phx.gbl...
| > Hi Vic,
| >
| > Thanks for your reply.
| >
| > I am afraid that I am not able to tell you why you could not access
| > sharepoint after using Symentec VPN connection,
| > since I am also not familiar with Symentec products. Are you sure the VPN
| > are working fine? The clients are getting
| > the correct VPN addresses? I think you may talk to symantec to report this
| > issue and try to troubleshoot on it.
| >
| > To me, I can only introduce some inforaiton on useing the Microsoft VPN
| > connection directly.
| >
| > Generally, we do not need to setup VPN connection manually in SBS 2k3,
| > which will bring so many options to
| > configure. Designed for SBS 2k3, the built-in connection Manager Package
| > will allow creating a VPN connection
| > automatically. This connection is optimized by SBS server and the XP
| > client users do not need to configure the
| > complicated connection. The following steps are for your reference.
| >
| > Open the server management and come to TO DO LIST
| > Run the 'Configure Remote Access' and allow VPN usage
| > Open server management and come to Client computer node
| > click the "Create Remote Connection disk" to launch the wizard
| > Finish the wizard to create the floppy
| > Run the setup.exe on the client computer from the floppy
| > The VPN connection will be created automatically which is optimized by SBS
| > 2k3 server.
| >
| > In addition, once you install the Connection Manager package
| > (sbspackage.exe) created by the SBS Remote Access
| > Wizard, you do not have the option to modify the predefined settings
| > within Network Connections at the client.
| >
| > If you want to modify the connection settings (such as FQDN of the SBS)
| > the connectoid is trying to connect, locate
| > the file remote.cms under the folder '%userprofile%\Application
| > Data\Microsoft\Network\Connections\Cm\remote'
| > on the client computer, and then use Notepad to edit remote.cms.
| >
| > For example, if you want to change the FQDN of SBS, you will change the
| > value of 'TunnelAddress' to reflect to the
| > correct address. Note that the changes only apply to the client, for best
| > results, you should rerun the 'Configure
| > Remote Access' Wizard with the correct FQDN, then reinstall Connection
| > Manager with the new sbspackage.exe
| > located at the ClientApps\Connection Manager folder.
| >
| > Hope that information helps.
| >
| > Best Regards,
| >
| > Eric Sun,
| > MCSE2000 / MSCA / MCDBA
| > Microsoft Online Partner Support
| >
| > Get Secure! - www.microsoft.com/security
| >
| > =====================================================
| > When responding to posts, please "Reply to Group" via
| > your newsreader so that others may learn and benefit
| > from your issue.
| > =====================================================
| >
| > This posting is provided "AS IS" with no warranties, and confers no rights
| > --------------------
| > | From: "Vic Russell" <nospam@nospam.com>
| > | References: <#hHRjl22EHA.1192@tk2msftngp13.phx.gbl>
| > <enagdN32EHA.3336@TK2MSFTNGP11.phx.gbl>
| > <JaJR8f32EHA.768@cpmsftngxa10.phx.gbl>
| > | Subject: Re: SBS2003, Sharepoint, VPN (and dialup) question
| > | Date: Mon, 6 Dec 2004 16:05:14 -0000
| > | Lines: 141
| > | X-Priority: 3
| > | X-MSMail-Priority: Normal
| > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| > | X-RFC2646: Format=Flowed; Original
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| > | Message-ID: <eNMsL162EHA.2316@TK2MSFTNGP15.phx.gbl>
| > | Newsgroups: microsoft.public.windows.server.sbs
| > | NNTP-Posting-Host: host217-34-121-226.in-addr.btopenworld.com
| > 217.34.121.226
| > | Path:
| > cpmsftngxa10.phx.gbl!TK2MSFTFEED01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP15.phx.gbl
| > | Xref: cpmsftngxa10.phx.gbl microsoft.public.windows.server.sbs:127658
| > | X-Tomcat-NG: microsoft.public.windows.server.sbs
| > |
| > | Thanks for that Eric. It may not nbe too bad as all the people who will
| > want
| > | to use companyweb will be logged on to the domain. I can go in through a
| > | terminal services session.
| > |
| > | However; I may still have a problem. The site uses a symantec firewall
| > that
| > | needs a special client for VPN. This is what I use for going in by
| > Terminal
| > | Services. The normal Microsoft VPN setup won't get through the firewall
| > and
| > | hence the need for the client. I can't see how when I am using this I am
| > | authenticated on the domain. However, I can use Outlook directly onto
| > the
| > | Exchange in SBS2003 via this VPN link.
| > |
| > | I have found that I can run the Microsoft VPN (and tunnel through I
| > presume)
| > | after connecting with the Symantec VPN client. This allows me to log in
| > with
| > | my user name and I get authenticated (I presume). However I still can't
| > get
| > | onto companyweb. What's more once I do this my Outlook can'e connect
| > and
| > | neither can the Remote Terminal Client.
| > |
| > | I really need to be sure that Remote users who often use their laptops
| > | directly onto the network when in the office, will be able to connect
| > via a
| > | VPN and use both Outlook, Sharepoint and the other network services
| > that
| > | they use when they are logged directly in the office. I think the
| > stumbling
| > | block is the Symantec VPN Client but surely there must be a way round
| > this.
| > |
| > | Any more thought very welcome.
| > |
| > | Kind regards,
| > |
| > | Vic
| > | ""Eric Sun [MSFT]"" <v-ericsu@online.microsoft.com> wrote in message
| > | news:JaJR8f32EHA.768@cpmsftngxa10.phx.gbl...
| > | > Hi Vic,
| > | >
| > | > Thanks for posting here.
| > | >
| > | > I am afraid that for SBS 2k3 server, to visit http://companyweb or
| > | > https://FQDN:444 through Internet, you must be
| > | > a domain user at least. Since Sharepoint service is a domain
| > integrated
| > | > service, it is only available for domain usage.
| > | > Non-domain users could not access and there is no work around for SBS
| > | > environment.
| > | >
| > | > For the VPN users, there is no additional configuration to access
| > | > http://companyweb. But, I would still suggest you to
| > | > run the CEICW wizard and configure the Internet connection.
| > | >
| > | > 825763 How to configure Internet access in Windows Small Business
| > Server
| > | > 2003
| > | > http://support.microsoft.com/?id=825763
| > | >
| > | > If you have any questions or concerns related to this issue, please
| > let me
| > | > know.
| > | >
| > | > I appreciate your time and look forward to hearing from you.
| > | >
| > | > Best Regards,
| > | >
| > | > Eric Sun,
| > | > MCSE2000 / MSCA / MCDBA
| > | > Microsoft Online Partner Support
| > | >
| > | > Get Secure! - www.microsoft.com/security
| > | >
| > | > =====================================================
| > | > When responding to posts, please "Reply to Group" via
| > | > your newsreader so that others may learn and benefit
| > | > from your issue.
| > | > =====================================================
| > | >
| > | > This posting is provided "AS IS" with no warranties, and confers no
| > rights
| > | > --------------------
| > | > | From: "Vic Russell" <nospam@nospam.com>
| > | > | References: <#hHRjl22EHA.1192@tk2msftngp13.phx.gbl>
| > | > | Subject: Re: SBS2003, Sharepoint, VPN (and dialup) question
| > | > | Date: Mon, 6 Dec 2004 09:10:33 -0000
| > | > | Lines: 40
| > | > | X-Priority: 3
| > | > | X-MSMail-Priority: Normal
| > | > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| > | > | X-RFC2646: Format=Flowed; Response
| > | > | Message-ID: <enagdN32EHA.3336@TK2MSFTNGP11.phx.gbl>
| > | > | Newsgroups: microsoft.public.windows.server.sbs
| > | > | NNTP-Posting-Host: host217-34-121-226.in-addr.btopenworld.com
| > | > 217.34.121.226
| > | > | Path:
| > | >
| > cpmsftngxa10.phx.gbl!TK2MSFTNGXS01.phx.gbl!cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!
| > | > TK2MSFTNGP11.phx.gbl
| > | > | Xref: cpmsftngxa10.phx.gbl
| > microsoft.public.windows.server.sbs:127605
| > | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
| > | > |
| > | > | I have got a little further! I can get onto Central Administration
| > by
| > | > | http://servername:8081
| > | > |
| > | > | This seems strange as I would have thought administration would be
| > | > harder to
| > | > | get onto than as a user.
| > | > |
| > | > | Any ideas?
| > | > |
| > | > | Regards,
| > | > |
| > | > | Vic
| > | > | "Vic Russell" <nospam@nospam.com> wrote in message
| > | > | news:%23hHRjl22EHA.1192@tk2msftngp13.phx.gbl...
| > | > | > Hi,
| > | > | >
| > | > | > We are just about to start using Sharepoint Services for a company
| > web
| > | > | > site (after upgrading to SBS2003 Premium edition). I need to be
| > sure
| > | > that
| > | > | > there is nothing to stop users accessing this remotely via either
| > VPN
| > | > or
| > | > | > dial-up. Most users will be members of the company domain but some
| > may
| > | > | > not - I am not.
| > | > | >
| > | > | > When I test this with my PC which is not a member of the target
| > domain
| > | > (I
| > | > | > dial in with ISDN and use Remote Desktop for support), I can get
| > onto
| > | > the
| > | > | > default server website but not onto companyweb.
| > | > | >
| > | > | > Is there a way around this for me (not a domain member)?
| > | > | >
| > | > | > Will there be a problem for domain users via VPN (the VPN is a
| > | > symantec
| > | > | > one using Symantec VPN Client 8)?
| > | > | >
| > | > | > Are there any other remote users pitfalls I should be aware of?
| > | > | >
| > | > | > Regards,
| > | > | >
| > | > | > Vic
| > | > | >
| > | > | >
| > | > | >
| > | > |
| > | > |
| > | > |
| > | >
| > | >
| > |
| > |
| > |
| >
| >
|
|
|

• Next message: Gus: "Re: CPU recommendation"
• Previous message: Gus: "Re: Still A Open Relay"
• In reply to: Vic Russell: "Re: SBS2003, Sharepoint, VPN (and dialup) question"
• Next in thread: Vic Russell: "Re: SBS2003, Sharepoint, VPN (and dialup) question"
• Reply: Vic Russell: "Re: SBS2003, Sharepoint, VPN (and dialup) question"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint