RE: VPN via extended firewall toSBS2003

Hi Thuur,

Thank you for posting back.

Please go ahead to do the tests and collect the info for me.

I look forward to your further update.

Bill Peng
MCSE 2000, MCDBA
Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so that others may learn and
benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
>Thread-Topic: VPN via extended firewall toSBS2003
>thread-index: AcVBHMIStmB/1EMpTai2Zdl/y5N94A==
>X-WBNR-Posting-Host: 82.204.1.58
>From: "=?Utf-8?B?VGh1dXI=?=" <Thuur@xxxxxxxxxxxxxxxxxxxxxxxxx>
>References: <BE84F163-2488-41D6-B034-B0E932AEFE8B@xxxxxxxxxxxxx> <sF2r9OAQFHA.2944
@TK2MSFTNGXA01.phx.gbl>
>Subject: RE: VPN via extended firewall toSBS2003
>Date: Thu, 14 Apr 2005 11:07:02 -0700
>Lines: 109
>Message-ID: <2A62FCA1-37C1-43CC-BD0C-7C86F154B85D@xxxxxxxxxxxxx>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="Utf-8"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>Content-Class: urn:content-classes:message
>Importance: normal
>Priority: normal
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>Newsgroups: microsoft.public.windows.server.sbs
>Path: TK2MSFTNGXA01.phx.gbl
>Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:111255
>NNTP-Posting-Host: tk2msftngxa03.phx.gbl 10.40.2.157
>X-Tomcat-NG: microsoft.public.windows.server.sbs
>
>Hi Bill,
>
>I can ping the IP number of the server, but I cannot ping the
>servername.domain.local via the VPN
>
>If the client is connected to my office network via a switch, I can ping
>both the IP number and the servername.doamin.local
>
>I have to check the subnet, will let you know
>Thuur
>
>"Bill Peng [MSFT]" wrote:
>
>> Hi Thuur,
>>
>> Thank you for posting in the SBS newsgroup.
>>
>> Is the remote computer able to ping the SBS Server's FQDN? (servername.domain.local) Is the remote
>> computer able to ping other corporate computers' IP/NetBIOS/FQDN?
>>
>> First of all, please try ping the SBS machine with -a switch. To do so:
>>
>> 1. Open CMD prompt.
>> 2. Key in the following command and press Enter.
>> Ping -a xxx.xxx.xxx.xxx (where xxx.xxx.xxx.xxx is the IP address of the SBS machine.)
>> 3. Let me know the outcome.
>>
>> Then, please run NBTstat /RR command on the client computer. (Note: the /RR are capital letters.)
>>
>> Please make sure that the corporate LAN and the remote XP computer's local network are not sharing
the
>> same subnet. (For example, if your corporate LAN is on 192.168.0.x, the remote client computer's
network
>> should be on 192.168.1.x.)
>>
>> Please let me know the following commands' output from both the server and the client:
>>
>> 1. IPConfig /all
>> 2. Route Print
>>
>> For a quick solution:
>>
>> 1. On the problematic computer, go to c:\windows\system32\drivers\etc\ directory.
>> 2. Rename lmhosts.sam to lmhosts.
>> 3. Open lmhosts with Notepad.
>> 4. Add the following content at the end of the file:
>> xxx.xxx.xxx.xxx SBSNETBIOSNAME
>> (where xxx.xxx.xxx.xxx is the IP address of the SBS machine and the SBSNETBIOSNAME is the SBS
>> machine's NetBIOS name.)
>> 5. Save the file and reboot the computer.
>>
>> I hope the above info helps.
>>
>> Any update, let's get in touch.
>>
>> Bill Peng
>> MCSE 2000, MCDBA
>> Microsoft CSS Online Newsgroup Support
>>
>> Get Secure! - www.microsoft.com/security
>> =====================================================
>> When responding to posts, please "Reply to Group" via your newsreader so that others may learn and
>> benefit from your issue.
>> =====================================================
>> This posting is provided "AS IS" with no warranties, and confers no rights.
>>
>>
>> --------------------
>> >Thread-Topic: VPN via extended firewall toSBS2003
>> >thread-index: AcU/ZPxxMyQEREUYTAaCTMKV0QP2bQ==
>> >X-WBNR-Posting-Host: 82.204.1.58
>> >From: "=?Utf-8?B?VGh1dXI=?=" <Thuur@xxxxxxxxxxxxxxxxxxxxxxxxx>
>> >Subject: VPN via extended firewall toSBS2003
>> >Date: Tue, 12 Apr 2005 06:39:01 -0700
>> >Lines: 16
>> >Message-ID: <BE84F163-2488-41D6-B034-B0E932AEFE8B@xxxxxxxxxxxxx>
>> >MIME-Version: 1.0
>> >Content-Type: text/plain;
>> > charset="Utf-8"
>> >Content-Transfer-Encoding: 7bit
>> >X-Newsreader: Microsoft CDO for Windows 2000
>> >Content-Class: urn:content-classes:message
>> >Importance: normal
>> >Priority: normal
>> >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>> >Newsgroups: microsoft.public.windows.server.sbs
>> >NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.1.29
>> >Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
>> >Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:110490
>> >X-Tomcat-NG: microsoft.public.windows.server.sbs
>> >
>> >Hi,
>> >I have in our network a SBS2003 and a separate firewall. Via this firewall I
>> >have a VPN connection to my house. I can now setup the VPN from my house
>> >using an XP proffesional laptop.
>> >If I'm connected to the officenetwork I can surf all across the office
>> >network and can also PING the IP address of the SBS2003
>> >
>> >I cannot PING the name of our SBS2003 server (only the ip address).
>> >That means that I can also not open outlook 2003 via exchange.
>> >
>> >As far as I know the problem is that I cannot ping 'server1' (name of our
>> >server)
>> >
>> >Can anybody help me out how I can solve this.
>> >
>> >Thanks
>> >
>>
>>
>>
>


.

Relevant Pages

  • Re: Unable to ping a workstation
    ... Networking, Internet, Routing, VPN Troubleshooting on ... How to Setup Windows, Network, VPN & Remote Access on ... started the workstation does not ping. ...
    (microsoft.public.windowsxp.network_web)
  • VPN client connects but cannot ping/map drives
    ... I have setup VPN on a W2K server at work which has a domain. ... ping computers and map drives ... ... he cannnot map drive or ping any other ... computers on the network. ...
    (microsoft.public.win2000.networking)
  • Re: VPN users are unable to access the private network =/
    ... I can ping BOTH interfaces on the VPN server ... I can reach machines on the network if I forward specific ports to the ...
    (microsoft.public.win2000.networking)
  • Re: Home network problems.
    ... can you ping the ics host? ... Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on ... >I set up a home network between my two pcs using the xp pro wizard. ...
    (microsoft.public.windowsxp.network_web)
  • Re: [Full-disclosure] Remote Desktop Command Fixation Attacks
    ... This set of steps is redundant in many places, and it's also enormously expensive, since you're using no less than three different expensive bits of networking hardware (AP, PIX, VPN Concentrator), in addition to a bunch of x86 server hardware, windows server licenses, and at least one ISA license. ... Your computers necessarily don't have full access to your network infrastructure when they aren't logged on, so GPOs, software updates, etc can't be applied at the times you want them to be applied. ... Turning on, enabling, and implementing every possible security setting and device you think of is not defence in depth, and will probably only have two effects - your users won't use your wireless network, and you'll burn so much cash you won't have any left to spend on *useful* security measures. ...
    (Full-Disclosure)