RE: Can't remote desktop to clients connected via VPN

The server has two nics: The WAN (200.67.XXX.XXX) and the LAN (192.168.16.2)
please let me also reiterate, that the VPN connection works well. It is just
that RDP does not work to clients connected via VPN (to all other clients it
works well)

Thanks for helping

IT PHYTOSAN

""Charles Yang [MSFT]"" wrote:

> Hi,
>
> Thanks for updates.
>
> From your description, I understand that you have only installed one NIC on
> the SBS 2003, but from your IP configuration, I found your DNS server is
> not point to the SBS server when establish VPN connection from remote
> clients. As you refer, you could not establish RDP connection also from
> internal clients, it might be occur on the client side, that the port 3389
> is not opened on the client side, you have to check if there is any process
> occupy the port 3389 or the 3389 port on the client side is not opened.
>
> Also you have to reconfigure your SBS NIC, as I referred you could not
> enable DHCP on your SBS server, please rerun CEICW to make sure that the
> DNS server on the internal clients and SBS server is point to SBS server IP
> address, in your scenario, you point all the setting to router's internal
> IP, it might be impossible for a SBS domain, this will also cause many
> network problem.
>
> Thanks for understanding, I will be here waiting for your updates.
>
>
>
> Best regards,
>
> Charles Yang (MSFT)
>
> Microsoft CSS Online Newsgroup Support
>
> Get Secure! - www.microsoft.com/security
>
> ======================================================
> This newsgroup only focuses on SBS technical issues. If you have issues
> regarding other Microsoft products, you'd better post in the corresponding
> newsgroups so that they can be resolved in an efficient and timely manner.
> You can locate the newsgroup here:
> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>
> When opening a new thread via the web interface, we recommend you check the
> "Notify me of replies" box to receive e-mail notifications when there are
> any updates in your thread. When responding to posts via your newsreader,
> please "Reply to Group" so that others may learn and benefit from your
> issue.
>
> Microsoft engineers can only focus on one issue per thread. Although we
> provide other information for your reference, we recommend you post
> different incidents in different threads to keep the thread clean. In doing
> so, it will ensure your issues are resolved in a timely manner.
>
> For urgent issues, you may want to contact Microsoft CSS directly. Please
> check http://support.microsoft.com for regional support phone numbers.
>
> Any input or comments in this thread are highly appreciated.
> ======================================================
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
> =====================================================
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
> =====================================================
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
> --------------------
> | Thread-Topic: Can't remote desktop to clients connected via VPN
> | thread-index: AcWZww5S0U5RpUMbRMuXW9Ka/MhOyA==
> | X-WBNR-Posting-Host: 200.67.110.198
> | From: "=?Utf-8?B?SVQgUEhZVE9TQU4=?="
> <ITPHYTOSAN@xxxxxxxxxxxxxxxxxxxxxxxxx>
> | References: <A56F3095-BB0C-4E57-AECA-E44711BD31D4@xxxxxxxxxxxxx>
> <PStkUGWmFHA.3472@xxxxxxxxxxxxxxxxxxxxx>
> | Subject: RE: Can't remote desktop to clients connected via VPN
> | Date: Fri, 5 Aug 2005 06:39:08 -0700
> | Lines: 174
> | Message-ID: <BD2B45DA-8702-4848-8AB6-3DD6202A4BE9@xxxxxxxxxxxxx>
> | MIME-Version: 1.0
> | Content-Type: text/plain;
> | charset="Utf-8"
> | Content-Transfer-Encoding: 7bit
> | X-Newsreader: Microsoft CDO for Windows 2000
> | Content-Class: urn:content-classes:message
> | Importance: normal
> | Priority: normal
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
> | Newsgroups: microsoft.public.windows.server.sbs
> | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
> | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
> | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:141834
> | X-Tomcat-NG: microsoft.public.windows.server.sbs
> |
> | Thanks for helping. I am providing some answers to your questions in the
> | context below.
> |
> | IT PHYTOSAN
> |
> | ""Charles Yang [MSFT]"" wrote:
> |
> | > Hi Phytosan,
> | >
> | > Welcome to SBS newsgroup.
> | >
> | > Issue description:
> | > ===========
> | > I understand that you could not establish RDP connection after VPN to
> SBS
> | > domain.
> | >
> | >
> | > Analyzing and suggestion:
> | > ============
> | >
> | > Before we go any further, please clarify that which kinds of VPN
> connection
> | > you establish via windows VPN application or some hardware VPN
> connection.
> | > If this is the hardware VPN connection, you need to make sure that port
> | > 3389 is opened on the hardware. At your convenience, I would like to
> give
> | > you some general information for troubleshooting, please note that this
> | > will be based on Windows VPN connection:
> | >
> | > 1. If you RDP to that clients computer from internal client, does the
> issue
> | > still exist or not? yes
> | > 2. If possible, please check if you can browse internal resources after
> | > establishing VPN connection, for example some shared resources on
> internal
> | > clients.
> |
> | I can browse shared resources on the server from the vpn client but not
> | resources on the client from the server. Might this be a WINS issue?
> |
> | > 3. Please also try to logon RWW to see if you can RDP to internal
> client
> | > computer, you can logon RWW via http://server public IP address/remote
> to
> | > logon RWW. Please make sure that you have open port 4125 and 3389 at
> the
> | > router. You can run CEICW to automatically configure your SBS to allow
> | > Remote web workplace to be published to internet.
> |
> | I can not connect this way either
> | >
> | > 825763 How to configure Internet access in Windows Small Business
> Server
> | > 2003
> | > http://support.microsoft.com/?id=825763
> | >
> | > 4. Please also run IPconfig /all at the remote client and server side
> and
> | > paste the results to newsgroup for further research.
> |
> | Windows IP Configuration
> |
> | Host Name . . . . . . . . . . . . : PGMA00-05-XXXX
> | Primary Dns Suffix . . . . . . . : PHYTOSAN.gdl
> | Node Type . . . . . . . . . . . . : Hybrid
> | IP Routing Enabled. . . . . . . . : No
> | WINS Proxy Enabled. . . . . . . . : No
> | DNS Suffix Search List. . . . . . : PHYTOSAN.gdl
> | phytosan.gdl
> | PHYTOSAN.gdl
> |
> | Ethernet adapter Local Area Connection:
> |
> | Connection-specific DNS Suffix . : phytosan.gdl
> | Description . . . . . . . . . . . : VIA Rhine II Fast Ethernet
> Adapter
> | Physical Address. . . . . . . . . : 00-11-5B-A7-C4-2D
> | Dhcp Enabled. . . . . . . . . . . : Yes
> | Autoconfiguration Enabled . . . . : Yes
> | IP Address. . . . . . . . . . . . : 192.168.3.3
> | Subnet Mask . . . . . . . . . . . : 255.255.255.0
> | Default Gateway . . . . . . . . . : 192.168.3.1
> | DHCP Server . . . . . . . . . . . : 192.168.3.1
> | DNS Servers . . . . . . . . . . . : 192.168.3.1
> | Lease Obtained. . . . . . . . . . : Thursday, August 04, 2005
> | 3:11:19 PM
> |
> | Lease Expires . . . . . . . . . . : Monday, January 18, 2038
> | 10:14:07 PM
> |
> |
> | PPP adapter Conectar a Small Business Server:
> |
> | Connection-specific DNS Suffix . : PHYTOSAN.gdl
> | Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
> | Physical Address. . . . . . . . . : 00-53-45-00-00-00
> | Dhcp Enabled. . . . . . . . . . . : No
> | IP Address. . . . . . . . . . . . : 192.168.16.14
> | Subnet Mask . . . . . . . . . . . : 255.255.255.255
> | Default Gateway . . . . . . . . . : 192.168.16.14
> | DNS Servers . . . . . . . . . . . : 192.168.16.2
> | Primary WINS Server . . . . . . . : 192.168.16.2
> |
> |
> | >
> | > I appreciate your time to perform tests, if you have any further
> concerns,
> | > please feel free to let me know. I am glad to be of assistance.
> | >
> | >
> | >
> | > Best regards,
> | >
> | > Charles Yang (MSFT)
> | >
> | > Microsoft CSS Online Newsgroup Support
> | >
> | > Get Secure! - www.microsoft.com/security
> | >
> | > ======================================================
> | > This newsgroup only focuses on SBS technical issues. If you have issues
> | > regarding other Microsoft products, you'd better post in the
> corresponding
> | > newsgroups so that they can be resolved in an efficient and timely
> manner.
> | > You can locate the newsgroup here:
> | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
> | >
> | > When opening a new thread via the web interface, we recommend you check
> the
> | > "Notify me of replies" box to receive e-mail notifications when there
> are
> | > any updates in your thread. When responding to posts via your
> newsreader,
> | > please "Reply to Group" so that others may learn and benefit from your
> | > issue.
> | >
> | > Microsoft engineers can only focus on one issue per thread. Although we
> | > provide other information for your reference, we recommend you post
> | > different incidents in different threads to keep the thread clean. In
> doing
> | > so, it will ensure your issues are resolved in a timely manner.
> | >
> | > For urgent issues, you may want to contact Microsoft CSS directly.
> Please
> | > check http://support.microsoft.com for regional support phone numbers.
> | >
> | > Any input or comments in this thread are highly appreciated.
> | > ======================================================
> | > This posting is provided "AS IS" with no warranties, and confers no
> rights.
> | >
> | >
> | > =====================================================
> | > When responding to posts, please "Reply to Group" via your newsreader
> so
> | > that others may learn and benefit from your issue.
> | > =====================================================
> | >
> | > This posting is provided "AS IS" with no warranties, and confers no
> rights.
> | >
> | > --------------------
> | > | Thread-Topic: Can't remote desktop to clients connected via VPN
> | > | thread-index: AcWYpxr2g8+sRClQRYGRcY9i/JhKcg==
> | > | X-WBNR-Posting-Host: 201.145.155.26
> | > | From: "=?Utf-8?B?SVQgUEhZVE9TQU4=?="
> | > <ITPHYTOSAN@xxxxxxxxxxxxxxxxxxxxxxxxx>
> | > | Subject: Can't remote desktop to clients connected via VPN
> | > | Date: Wed, 3 Aug 2005 20:46:32 -0700
> | > | Lines: 5
> | > | Message-ID: <A56F3095-BB0C-4E57-AECA-E44711BD31D4@xxxxxxxxxxxxx>
> | > | MIME-Version: 1.0
> | > | Content-Type: text/plain;
> | > | charset="Utf-8"
> | > | Content-Transfer-Encoding: 7bit
> | > | X-Newsreader: Microsoft CDO for Windows 2000
> | > | Content-Class: urn:content-classes:message
> | > | Importance: normal
> | > | Priority: normal
> | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
> | > | Newsgroups: microsoft.public.windows.server.sbs
> | > | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
> | > | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
> | > | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:141332
> | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
> | > |
> | > | I can not get a RDP connection to clients connected via VPN. Who can
> help?
> | > |
> | > | Thanks
> | > |
> | > | IT PHYTOSAN
> | > |
> | >
> | >
> |
>
>
.

Relevant Pages

  • RE: VPN issue on SBS2003
    ... I understand that you encountered VPN connection issue when you use VPN to ... Internet clients or VPN to external VPN Server from SBS Client computers? ... Configure E-mail and Internet Connection Wizard ... Total GRE packets sent = 1 ...
    (microsoft.public.windows.server.sbs)
  • RE: PPTP VPN connection problems
    ... The problem is that the VPN does not disconnect. ... However after some idle period I can not send packets across the connection. ... A ping to the server would result in "Request timed out". ... If I connect with the VPN client locally to the internet ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN Ports to Open
    ... the VPN connection after you change the firewall before SBS. ... On the server, please stop the Routing and Remote Access service. ... Total GRE packets sent = 1 ...
    (microsoft.public.windows.server.sbs)
  • Re: Windows 2003 VPN Default Gateway Issues
    ... Ethernet adapter Local Area Connection: ... If the VPN server is configured to use a static IP address ... the default gateway on the client is not the problem. ...
    (microsoft.public.windows.server.networking)
  • RE: VPN Connectivity issues through LAN
    ... I understand that you cannot ping SBS after ... you can establish VPN connection from the remote LAN. ... You have to rerun the CEICW to make sure your SBS 2003 server have right ...
    (microsoft.public.windows.server.sbs)