RE: Netgear fvx538 and Prosafe VPN Client

---

• From: cameye@xxxxxxxxxxxxxxxxxxxx (Cameron Ye (MSFT))
• Date: Thu, 26 May 2005 08:06:19 GMT

---

Hi Richard,

My name is Cameron and I am Crina's colleague. Crina has discussed this
issue with me and I would like to provide the following suggestions
regarding this post:

I have read the whole thread very carefully. However, it seems that the
symptom is still not very clear because perhaps there are some
communication misunderstandings between us. To speed up the process, I
would like to clarify the following information:

1. The network diagram is below:

LAN(workgroup) - Switch - NetGear328 -site-to-site vpn-- Netgear538 - SBS -
Switch - LAN

You have established the site-to-site VPN connection between NetGear328 and
Netgear538. If we have misunderstood your concerns, please do not hesitate
to let us know.

2. Do the machines in the LAN can directly contact Netgear 538 without
going through the SBS? If not, it means that all clients in the LAN must
access the external network through the SBS, right?
3. If my understanding is correct, "connect to the network at your
workplace" you mentioned in the post means that you establish the VPN
connection from the client (laptop or another workstation), right?
4. You said "While on the laptop attached to the workgroup using the
'connect to the network at your workplace' metaphor I can ping the server
by its name and it resolves to 192.168.1.2, 4 packets sent four packets
received". I have 2 questions here:

1) Do you mean that you can PING the SBS server from the laptop that is in
LAN (workgroup) after you establish the VPN connection from the laptop to
Netgear538 OR to the SBS server?
2) Is the IP 192.168.1.2 the internal IP of the SBS?

5. You said "If I attempt to ping a workstation under the same conditions,
using the workstation name, it resolves to the correct IP of the
workstation and receives only the first packet the other three time out".
My understanding is that you PING the computer name of the workstation that
is in the LAN from the laptop after you establish the VPN connection from
the laptop, right?
6. You have tested on another workstation that is in LAN (Workgroup) but
the result is the same, right?
7. What is your current requirement? By my understanding, you want the
workstations in LAN (Workgroup) to access the SBS and the LAN behind the
SBS without establish the VPN connection between the workstations and the
SBS or the Netgear538? If this is true, you should enable the VPN function
on the SBS 2003, and then establish the site-to-site VPN connection between
NetGear328 and the SBS server (When you do this, you may need to configure
NetGear538 to allow the VPN traffic going-through).

This is because that the workstations in LAN (Workgroup) can only access
the network between the NetGear 538 and the external NIC of the SBS if we
establish the VPN connection between the NetGear328 and NetGear538. The
workstations cannot access the LAN behind the SBS.

Also, as your first thread stated, if you want the workstations in the LAN
(workgroup) to access the LAN behind the SBS, simply establishing the VPN
connections from the workstation to the NetGear538 will not work since SBS
will block the traffic.

To establish the site-to-site VPN connection between the NetGear 328 to the
SBS, we may perform the following steps:

1) Make sure the ISA has been installed on the SBS.
2) For the configuration part of the ISA side, we may refer to the
following documents:

Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
Server to Windows 2000 RRAS - Part 1
http://www.isaserver.org/tutorials/g2gisa2rraspart1.html

Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
Server to Windows 2000 RRAS - Part 2
http://www.isaserver.org/articles/g2gisa2rraspart2.html

Connecting a Remote Office to a Small Business Server 2000 Network
http://www.microsoft.com/technet/prodtechnol/sbs/2000/maintain/remotofc.mspx

3) For the configuration part of the NetGear328, please contact the NetGear
support.

Please understand that the above questions are very important for us to
better understand the issue, I appreciate if you could answer them
one-by-one so that we can resolve the issue as soon as possible.

Please let us know if you have any concerns. Thank you for your patience
and cooperation.

Best regards,

Cameron Ye

MCSE NT4/2K, MCDBA 2000, MCSA 2003

Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security

=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights

.

---

• References:
  • Netgear fvx538 and Prosafe VPN Client
    • From: Richard Hissong
  • RE: Netgear fvx538 and Prosafe VPN Client
    • From: Crina Li (MSFT)
  • RE: Netgear fvx538 and Prosafe VPN Client
    • From: Richard Hissong
  • RE: Netgear fvx538 and Prosafe VPN Client
    • From: Crina Li (MSFT)
  • RE: Netgear fvx538 and Prosafe VPN Client
    • From: Richard Hissong
  • RE: Netgear fvx538 and Prosafe VPN Client
    • From: Crina Li (MSFT)
  • RE: Netgear fvx538 and Prosafe VPN Client
    • From: Richard Hissong
  • RE: Netgear fvx538 and Prosafe VPN Client
    • From: Crina Li (MSFT)
  • RE: Netgear fvx538 and Prosafe VPN Client
    • From: Richard Hissong
  • RE: Netgear fvx538 and Prosafe VPN Client
    • From: Crina Li (MSFT)
  • RE: Netgear fvx538 and Prosafe VPN Client
    • From: Richard Hissong
  • RE: Netgear fvx538 and Prosafe VPN Client
    • From: Crina Li (MSFT)
  • RE: Netgear fvx538 and Prosafe VPN Client
    • From: Richard Hissong
  • RE: Netgear fvx538 and Prosafe VPN Client
    • From: Crina Li (MSFT)
  • RE: Netgear fvx538 and Prosafe VPN Client
    • From: Richard Hissong
  • RE: Netgear fvx538 and Prosafe VPN Client
    • From: Crina Li (MSFT)
  • RE: Netgear fvx538 and Prosafe VPN Client
    • From: Richard Hissong

• Prev by Date: Re: memory still dropping Mr M Hayes..or anyone
• Next by Date: RE: Session Directory (Repost)
• Previous by thread: RE: Netgear fvx538 and Prosafe VPN Client
• Next by thread: Win 2003 SBS GPO Security Group Filtering
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Routing to remote office... ... Vigor routers (even better if you give us the whole IP scenario, ... Javier [SBS MVP] ... > We have also configured a couple of Vigor routers on the Internal LAN ... > permanent site-to-site VPN connection [simply routed across the 'existing' ... (microsoft.public.backoffice.smallbiz2000) Re: Connectivity between Two Subnets ... Cris Hanna [SBS - MVP] ... I have a Sonicwall with IP 192.168.15.1 and one ... > workstation with IP 192.168.15.10; I need this tunnel up all the time so ... >>> on a LAN at 192.168.15.x. ... (microsoft.public.windows.server.sbs) Re: Remote Desktop Connection and client PC? ... As you have VPN set up, you connect to your sbs via VPN, and then use an RDP ... connection to connect to the workstation either by name or ip address. ... with and without a VPN connection. ... (microsoft.public.backoffice.smallbiz2000) Re: Remote Desktop Connection and client PC? ... As you have VPN set up, you connect to your sbs via VPN, and then use an RDP ... connection to connect to the workstation either by name or ip address. ... with and without a VPN connection. ... (microsoft.public.windows.server.sbs) Re: Routing to remote office... ... > ipconfig /all from a workstation on each lan should suffice) we can come ... > the Vigor's VPN instead of just the internet? ... Because they're pointed at the external NIC addresses of each SBS box rather ... >> creating a VPN connection from the client to the Site 2 SBS box. ... (microsoft.public.backoffice.smallbiz2000)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.sbs  > 2005-05