RE: Sharing VPN client connection
- From: v-branee@xxxxxxxxxxxxxxxxxxxx ("Brandy Nee [MSFT]")
- Date: Mon, 08 Aug 2005 08:13:06 GMT
Hello Colin,
Thank you for posting back.
>From your reply, I understand that you want to configure the SBS 2K3 server
as a VPN server, configure the internal clients to connect the remote
office by VPN connection and then access to the Internet from the Remote
office. If I have misunderstood your concern, do let me know.
To do so, you need to configure the VPN connection to use the default
gateway on the remote network. This setting overrides the default gateway
settings that you specify in your Transmission Control Protocol/Internet
Protocol (TCP/IP) settings. To do so, please see:
1> Rerun CEICW.
During running the CEICW, you need to meet the following two conditions:
a. Two NICs have been enabled on the SBS 2K3 server.
b. Enable internal clients to access the Internet.
For detailed steps, please refer to the following KB article:
How to configure Internet access in Windows Small Business Server 2003
http://support.microsoft.com/?id=825763
2> After finish running CEICW, you need to run New Connection Wizard.
a. On the server, go to My Network Places, click New Connection Wizard.
b. Select Connect to the Network at my workplace. Click OK.
c. Proceed to the Network Connection page, select Virtual Private Network
connection. Click OK.
d. Proceed to the VPN Server Selection page and input the Remote office IP
address.
e. Select Anyone's use in the Connection Availability page.
f. Finish rest of the wizard.
g. Then you can see the VPN connection icon is shown in the Network
Connections.
h. Right click the icon and go to Properties.
i. Go to Networking tab -> Highlight Internet Protocol (TCP/IP). Select
Properties.
j. Click Advanced, the General tab, make sure that the box Use default
gateway on remote network has being checked.
For your additional information:
You Cannot Connect to the Internet After You Connect to a VPN Server
http://support.microsoft.com/?id=317025
Hope this information helps. If anything is unclear, please feel free to
let me know. I am looking forward to your reply!
Best regards,
Brandy Nee
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
>Thread-Topic: Sharing VPN client connection
>thread-index: AcWarDISxM6AfhpUTqyb431R6+3j7g==
>X-WBNR-Posting-Host: 209.59.65.51
>From: "=?Utf-8?B?Q29saW45MTE=?=" <Colin911@xxxxxxxxxxxxxxxxxxxxxxxxx>
>References: <197D8CB0-6B99-4203-8473-D29AEAAD6EF8@xxxxxxxxxxxxx>
<xvulWKZmFHA.588@xxxxxxxxxxxxxxxxxxxxx>
<C5C8C4C6-BBEE-4E5C-941B-26DB5C49E77F@xxxxxxxxxxxxx>
>Subject: RE: Sharing VPN client connection
>Date: Sat, 6 Aug 2005 10:28:01 -0700
>Lines: 183
>Message-ID: <150FC2D1-6C34-429B-8734-84E045096B92@xxxxxxxxxxxxx>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="Utf-8"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>Content-Class: urn:content-classes:message
>Importance: normal
>Priority: normal
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>Newsgroups: microsoft.public.windows.server.sbs
>NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
>Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
>Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:142016
>X-Tomcat-NG: microsoft.public.windows.server.sbs
>
>I tried the site to site VPN as discussed, but that does not work for my
>purpose.
>
>"Colin911" wrote:
>
>> Thanks for the involved answer. Here are the answers to your questions:
>>
>> Network Toppology is almost correct:
>> {Remote office} {Router(modem)} {NIC1} {SBS 2K3} {NIC2} {Internal
clients}
>>
>> Don't have ISA server.
>>
>> "forward internet from NIC1 to NIC2" :: By this I mean that I want NIC2
to
>> get internet from NIC1 (I.E. I want internal network to get internet).
This
>> is have been able to do, but I wwant the entire internal network to get
>> internet that goes through the VPN. This could be a site to site VPN,
I'm not
>> sure.
>>
>> "Nothing is going through the VPN-C like it used to" :: I used to have
the
>> old server set up as I described above. (e.g. If any of the internal
clients
>> tried to go to whatismyip.com, they would not get the IP address
assigned to
>> me by my ISP.) They would get the IP address of the the offsite VPN
server.
>> I can get my local server to show that offsite IP address when VPN-C is
>> connected. But I can't make it so that my local internal network acts
that
>> way. Hope this makes more sense.
>>
>>
>> ""Brandy Nee [MSFT]"" wrote:
>>
>> > Hello Colin,
>> >
>> > Thank you for posting to the SBS Newsgroup.
>> >
>> > I am sorry that I cannot completely understand your concern, so I need
to
>> > gather the following information, please see:
>> >
>> > 1> Please explain in detail "forward internet from NIC1 to NIC2" and
>> > "Nothing is going through the VPN-C like it used to".
>> >
>> > 2> Do you have ISA server installed on the SBS server? If yes, what is
the
>> > version, ISA 2K or ISA 2K4?
>> >
>> > 3> Please draw a Network Topology to the Newsgroup for us to better
>> > understand your network connection. For example:
>> >
>> > {Remote office} {Router} {ISA} {NIC1} {SBS 2K3} {NIC2} {Internal
clients}
>> >
>> > 4> Do you mean you want to set up site to site VPN connection for SBS
2K3
>> > internal clients to visit remote office? If it is, please see my
following
>> > suggestions:
>> >
>> > 1. First of all, you need to rerun the Configure E-mail and Internet
>> > Connection Wizard. Please go to Server Management\Standard
>> > Management\Internet and E-mail\Connect to the Internet and refer to
the
>> > following KB article for detail steps:
>> >
>> > How to configure Internet access in Windows Small Business Server 2003
>> > http://support.microsoft.com/?id=825763
>> >
>> > [Note]: When you proceed to Services Configuration page, make sure
that you
>> > have checked the box VPN.
>> >
>> > 2. After you finishing running the CEICW wizard, you need to run the
Remote
>> > Access Wizard (Server Management\Standard Management\Internet and
>> > E-mail\Configure Remote Access) to Configure the VPN remote access.
>> >
>> > When you proceeding to the VPN Server Name page, type the fully
qualified
>> > host name used to access your server from the Internet or the external
IP
>> > address of the router in the "Server name" box. Finish rest of the
wizard.
>> >
>> > 3. For your additional information, please see:
>> >
>> > 323381 How To Allow Remote Users to Access Your Network in Windows
Server
>> > 2003
>> > http://support.microsoft.com/?id=323381
>> >
>> > How To Install and Configure a Virtual Private Network Server in
Windows
>> > Server 2003
>> > http://support.microsoft.com/default.aspx?scid=kb;en-us;323441
>> >
>> > Remote Access Overview for Windows Server 2003
>> >
http://www.microsoft.com/windowsserver2003/techinfo/overview/remoteaccess.ms
>> > px
>> >
>> > HOW TO: Provide Secure Point-to-Point Communications Across a Private
>> > Network or the Internet in Windows Server 2003
>> > http://support.microsoft.com/default.aspx?scid=kb;en-us;324747
>> >
>> > I am appreciated your time. If anything is unclear, please let me
know. I
>> > am looking forward to hearing from you!
>> >
>> > Best regards,
>> >
>> > Brandy Nee
>> >
>> > Microsoft CSS Online Newsgroup Support
>> >
>> > Get Secure! - www.microsoft.com/security
>> > ======================================================
>> > This newsgroup only focuses on SBS technical issues. If you have
issues
>> > regarding other Microsoft products, you'd better post in the
corresponding
>> > newsgroups so that they can be resolved in an efficient and timely
manner.
>> > You can locate the newsgroup here:
>> > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>> >
>> > When opening a new thread via the web interface, we recommend you
check the
>> > "Notify me of replies" box to receive e-mail notifications when there
are
>> > any updates in your thread. When responding to posts via your
newsreader,
>> > please "Reply to Group" so that others may learn and benefit from your
>> > issue.
>> >
>> > Microsoft engineers can only focus on one issue per thread. Although
we
>> > provide other information for your reference, we recommend you post
>> > different incidents in different threads to keep the thread clean. In
doing
>> > so, it will ensure your issues are resolved in a timely manner.
>> >
>> > For urgent issues, you may want to contact Microsoft CSS directly.
Please
>> > check http://support.microsoft.com for regional support phone numbers.
>> >
>> > Any input or comments in this thread are highly appreciated.
>> > ======================================================
>> > This posting is provided "AS IS" with no warranties, and confers no
rights.
>> >
>> >
>> >
>> > --------------------
>> > >Thread-Topic: Sharing VPN client connection
>> > >thread-index: AcWY8/oMq8fd1Ap2S8agWW8mv+cpFg==
>> > >X-WBNR-Posting-Host: 209.59.65.51
>> > >From: "=?Utf-8?B?Q29saW45MTE=?=" <Colin911@xxxxxxxxxxxxxxxxxxxxxxxxx>
>> > >Subject: Sharing VPN client connection
>> > >Date: Thu, 4 Aug 2005 05:56:48 -0700
>> > >Lines: 24
>> > >Message-ID: <197D8CB0-6B99-4203-8473-D29AEAAD6EF8@xxxxxxxxxxxxx>
>> > >MIME-Version: 1.0
>> > >Content-Type: text/plain;
>> > > charset="Utf-8"
>> > >Content-Transfer-Encoding: 7bit
>> > >X-Newsreader: Microsoft CDO for Windows 2000
>> > >Content-Class: urn:content-classes:message
>> > >Importance: normal
>> > >Priority: normal
>> > >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>> > >Newsgroups: microsoft.public.windows.server.sbs
>> > >NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
>> > >Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
>> > >Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:141475
>> > >X-Tomcat-NG: microsoft.public.windows.server.sbs
>> > >
>> > >I have Win Small business server just installed on a fresh new
server.
>> > This
>> > >server is replacing another that was just a backup server and that
shared
>> > an
>> > >internet connection to the rest of the computers on my LAN.
>> > >
>> > >The old server had the following configuration with Win 2003 server:
2
>> > nick
>> > >cards, NIC1 connected to my modem, and the other (NIC2) connecting to
the
>> > >rest of my internal network. Routing and remote access was off,
which
>> > meant
>> > >that I could ICS the connection from NIC1 to NIC2.
>> > >
>> > >Now my ISP blocks my Vonage device, so to bypass ISP blocks I used my
old
>> > >server to establish a client connection to a server in another part
of the
>> > >world, that way my isp could not see what I was doing. So then the
VPN
>> > >client connection (Call it VPN-C) connected through NIC1 and I shared
it's
>> > >connectivity to NIC2. Then my entire office connects through the VPN
>> > >connection and my ISP does not see a thing. The ideal setup for my
>> > >environment.
>> > >
>> > >So now I have this new server and i would like to do the same thing
but
>> > with
>> > >Routing and Remote Access enabled so that I can do other stuff. I
have
>> > set
>> > >up routing and remote access with NAT, but all that has done is
forward
>> > >internet from NIC1 to NIC2. Nothing is going through the VPN-C like
it
>> > used
>> > >to.
>> > >
>> > >Can anyone help me set this up with routing and remote Access?
>> > >
>> >
>> >
>
.
- References:
- Sharing VPN client connection
- From: Colin911
- RE: Sharing VPN client connection
- From: "Brandy Nee [MSFT]"
- RE: Sharing VPN client connection
- From: Colin911
- RE: Sharing VPN client connection
- From: Colin911
- Sharing VPN client connection
- Prev by Date: snap-in failed to inicialize
- Next by Date: Re: RDP connectivity to SBS2003 lost
- Previous by thread: RE: Sharing VPN client connection
- Next by thread: WSUS-Selfupdate doesn't work
- Index(es):
Relevant Pages
|
