RE: Connecting to resources over a SBS 2003 VPN
- From: "Neil TCC" <NeilTCC@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 20 Jul 2005 02:34:03 -0700
Hi Edward, thanks for your reply,
Sorry for the delay i had a problem with my Net passport as i could not view
this thread.
Yes you are right regarding the tunnel connecting, just to let you know we
are using
In response to your questions:-
1: SBS 2003 Standard so ISA server is not installed.
Service PAck 1 is applied
The routing table for the server is:-
Active Routes:
Network Destination Netmask Gateway Interface
Metric
0.0.0.0 0.0.0.0 192.168.0.1
192.168.0.254 1
82.118.121.88 255.255.255.255 192.168.0.1
192.168.0.254 1
127.0.0.0 255.0.0.0 127.0.0.1
127.0.0.1 1
169.254.0.0 255.255.0.0 169.254.254.223
169.254.254.223 10
169.254.254.223 255.255.255.255 127.0.0.1 127.0.0.1
10
169.254.255.255 255.255.255.255 169.254.254.223 169.254.254.223
10
192.168.0.0 255.255.255.0 192.168.0.254
192.168.0.254 20
192.168.0.56 255.255.255.255 127.0.0.1
127.0.0.1 50
192.168.0.254 255.255.255.255 127.0.0.1 127.0.0.1
20
192.168.0.255 255.255.255.255 192.168.0.254
192.168.0.254 20
224.0.0.0 240.0.0.0 169.254.254.223
169.254.254.223 10
224.0.0.0 240.0.0.0 192.168.0.254
192.168.0.254 20
255.255.255.255 255.255.255.255 169.254.254.223 169.254.254.223
1
255.255.255.255 255.255.255.255 192.168.0.254 192.168.0.254
1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
Client when the VPN is enabled is as follows:-
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface
Metric
0.0.0.0 0.0.0.0 192.168.0.1
192.168.0.20 21
0.0.0.0 0.0.0.0 192.168.0.53
192.168.0.53 1
83.105.49.143 255.255.255.255 192.168.0.1 192.168.0.20
20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
1
192.168.0.0 255.255.0.0 192.168.0.20 192.168.0.20
20
192.168.0.20 255.255.255.255 127.0.0.1 127.0.0.1
20
192.168.0.53 255.255.255.255 127.0.0.1 127.0.0.1
50
192.168.0.255 255.255.255.255 192.168.0.20 192.168.0.20
20
192.168.0.255 255.255.255.255 192.168.0.53 192.168.0.53
50
224.0.0.0 240.0.0.0 192.168.0.20
192.168.0.20 20
224.0.0.0 240.0.0.0 192.168.0.53
192.168.0.53 1
255.255.255.255 255.255.255.255 192.168.0.20 192.168.0.20
1
255.255.255.255 255.255.255.255 192.168.0.20 4
1
255.255.255.255 255.255.255.255 192.168.0.53 192.168.0.53
1
Default Gateway: 192.168.0.53
===========================================================================
Persistent Routes:
None
2: Clients have been added to the Domain, they connect to resources fine
when they are i the LAN, the problem only occurs over the VPN
3: I am trying to connect two clients and both are having the same problem,
i have also tried to use the VPN on clients not part of this domain, again
they authenticate fine but cannopt browse any Network locations, however it
seems that a lot more packets are sent and received using the machines that
are not part of the domain.
4: Can Ping the IP Address but not the server name
5: Internal users can connect fine
6:Windows IP Configuration
Host Name . . . . . . . . . . . . : SimonJan05
Primary Dns Suffix . . . . . . . : FUAL.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : FUAL.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8169/8110 Family Gigab
Ethernet NIC
Physical Address. . . . . . . . . : 00-01-4A-1C-57-5F
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.20
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Lease Obtained. . . . . . . . . . : 20 July 2005 10:21:05
Lease Expires . . . . . . . . . . : 23 July 2005 10:21:05
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/Wireless 2200BG Netw
Connection
Physical Address. . . . . . . . . : 00-0E-35-B6-7C-7B
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 0.0.0.0
Subnet Mask . . . . . . . . . . . : 0.0.0.0
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 255.255.255.255
PPP adapter FUAL:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.52
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 192.168.0.52
DNS Servers . . . . . . . . . . . : 192.168.0.254
Primary WINS Server . . . . . . . : 192.168.16.2
7: No we cannot connect using \\servername\shared folder
Many thanks for your help on this one i look forward to hearing from you.
Kind Regards
Neil TCC
"Edward Tian" wrote:
> Hi Neil:
> Thank you for posting here.
> From your description, the remote client can establish the VPN tunnel
> successfully, but won't be able to access the shared resources from the
> internal network. If I am off-base, please feel free to let me know.
> To narrow down the issue, I'd like to check the following information:
> 1. Do you have your ISA server installed? If so, which version do you
> install? ISA2000 or ISA2004?
> Is SBS 2003 SP1 applied? This is a known bug for Windows 2003 SP1+ISA
> server 2000. In this scenario, the VPN tunnel can be established but no
> traffic can go through. You can try the resolution in the article below:
> 897651 VPN clients can no longer access internal resources after you
> install Windows Server 2003 Service Pack 1 on a computer that is running
> ISA Server 2000:
> http://support.microsoft.com/?id=897651
> Note: According to the article, we should not only obtain the Hotfix but
> also modify the registry.
> If there is no ISA installed, the problem could be related to the routing
> table. Use 'route print' command to collect the routing information from
> both the server and the VPN client and then paste the result to me for
> further analysis.
> 2. Have you added this remote client to the domain?
> 3. Can the problem be reproduced on all the remote clients or just one?
> 4. Can you ping the internal IP address of the server from your remote
> client? You can try twice by using the IP address and the server name.
> 5. Can internal users access the other resources which remote user can't
> access? Can internal users see all computers (server and all PCs) from My
> Network Places?
> 6. Once the VPN connection is made, run ''ipconfig/all'' result on the VPN
> client and paste the result to me at your convenience.
> 7. Can the remote client access the other shares from using the command
> \\computername\sharefolder?
>
> Hope it helps, please do let me know the result of the steps above, I look
> forward to hearing from you.
> If you have anything unclear, please feel free to let me know, I am glad to
> be of the assistance.
>
> Have a nice day, Neil!
>
> Best Regards
> Edward Tian(MSFT)
> Microsoft CSS Online Newsgroup Support
>
> Get Secure! - www.microsoft.com/security
> ======================================================
> This newsgroup only focuses on SBS technical issues. If you have issues
> regarding other Microsoft products, you'd better post in the corresponding
> newsgroups so that they can be resolved in an efficient and timely manner.
> You can locate the newsgroup here:
> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>
> When opening a new thread via the web interface, we recommend you check the
> "Notify me of replies" box to receive e-mail notifications when there are
> any updates in your thread. When responding to posts via your newsreader,
> please "Reply to Group" so that others may learn and benefit from your
> issue.
>
> Microsoft engineers can only focus on one issue per thread. Although we
> provide other information for your reference, we recommend you post
> different incidents in different threads to keep the thread clean. In doing
> so, it will ensure your issues are resolved in a timely manner.
>
> For urgent issues, you may want to contact Microsoft CSS directly. Please
> check http://support.microsoft.com for regional support phone numbers.
>
> Any input or comments in this thread are highly appreciated.
> ======================================================
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
.
- Follow-Ups:
- RE: Connecting to resources over a SBS 2003 VPN
- From: Edward Tian
- RE: Connecting to resources over a SBS 2003 VPN
- References:
- Connecting to resources over a SBS 2003 VPN
- From: Neil TCC
- RE: Connecting to resources over a SBS 2003 VPN
- From: Edward Tian
- Connecting to resources over a SBS 2003 VPN
- Prev by Date: Re: Multi homed question
- Next by Date: RE: Fax to Document Folders not working
- Previous by thread: RE: Connecting to resources over a SBS 2003 VPN
- Next by thread: RE: Connecting to resources over a SBS 2003 VPN
- Index(es):
Relevant Pages
|
