Re: VPN Router query
- From: v-chayan@xxxxxxxxxxxxxxxxxxxx ("Charles Yang [MSFT]")
- Date: Mon, 31 Oct 2005 07:17:40 GMT
Hi,
Thanks for updates.
>From your route print, it seems there is some problem on the routing table,
first you need to change the metric of 0.0.0.0 from 1 to 20, as I test it
would be set to 20 by default on every workstation and server computer.
Please also delete the routing rule for 20.0.0.0 then create a new rule for
20.0.0.0 make sure that network work mask is set to 255.255.255.0 and
metric is set to 1.
If possible, we suggest you try to check to see if you can change the
default gateway on the Windows 2003 server to point to the router directly
to see if you can access the Windows 2003 server directly from remote site;
it will help us isolate the issue more clearly.
Thanks again for your effort on this issue. I am glad to be of further
assistance.
Best regards,
Charles Yang (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: "Robbie Niblock" <robbie@xxxxxxxxxx>
| References: <#c3RTJw2FHA.2292@xxxxxxxxxxxxxxxxxxxx>
<CcUwvb42FHA.1948@xxxxxxxxxxxxxxxxxxxxx>
| Subject: Re: VPN Router query
| Date: Fri, 28 Oct 2005 12:57:14 +0100
| Lines: 341
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| X-RFC2646: Format=Flowed; Original
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| Message-ID: <e91W#a72FHA.3296@xxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: demon-gw.systemencore.co.uk 80.176.160.1
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:165496
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Charles
|
| Thankyou for the response!
|
| First of all - I also need the remote site to access the SBS machine.
|
| Here are the ipconfig /all and route print results:
|
|
| SBS Machine:
|
| Windows IP Configuration
|
|
|
| Host Name . . . . . . . . . . . . : server01
| Primary Dns Suffix . . . . . . . : domain.local
| Node Type . . . . . . . . . . . . : Unknown
| IP Routing Enabled. . . . . . . . : Yes
| WINS Proxy Enabled. . . . . . . . : Yes
| DNS Suffix Search List. . . . . . : mckeefry.local
|
|
| Ethernet adapter Server Local Area Connection:
|
|
| Connection-specific DNS Suffix . :
|
| Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
| Physical Address. . . . . . . . . : 00-09-6B-A5-A5-36
| DHCP Enabled. . . . . . . . . . . : No
| IP Address. . . . . . . . . . . . : 10.0.0.4
| Subnet Mask . . . . . . . . . . . : 255.255.255.0
| Default Gateway . . . . . . . . . :
| DNS Servers . . . . . . . . . . . : 10.0.0.4
| Primary WINS Server . . . . . . . : 10.0.0.4
|
|
| PPP adapter RAS Server (Dial In) Interface:
|
| Connection-specific DNS Suffix . :
|
| Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
| Physical Address. . . . . . . . . : 00-53-45-00-00-00
| DHCP Enabled. . . . . . . . . . . : No
| IP Address. . . . . . . . . . . . : 10.0.0.27
| Subnet Mask . . . . . . . . . . . : 255.255.255.255
| Default Gateway . . . . . . . . . :
| NetBIOS over Tcpip. . . . . . . . : Disabled
|
|
|
| Ethernet adapter Router Connection:
|
| Connection-specific DNS Suffix . :
| Description . . . . . . . . . . . : Intel(R) PRO/100 S Desktop Adapter
| Physical Address. . . . . . . . . : 00-02-B3-D7-12-E9
| DHCP Enabled. . . . . . . . . . . : No
| IP Address. . . . . . . . . . . . : 192.168.1.10
| Subnet Mask . . . . . . . . . . . : 255.255.255.0
| Default Gateway . . . . . . . . . : 192.168.1.1
| DNS Servers . . . . . . . . . . . : 10.0.0.4
| NetBIOS over Tcpip. . . . . . . . : Disabled
|
| C:\Documents and Settings\Administrator>route print
|
| IPv4 Route Table
|
===========================================================================
| Interface List
| 0x1 ........................... MS TCP Loopback interface
| 0x2 ...00 09 6b a5 a5 36 ...... Broadcom NetXtreme Gigabit Ethernet -
Packet
| eduler Miniport
| 0x10003 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
| 0x10004 ...00 02 b3 d7 12 e9 ...... Intel(R) PRO/100 S Desktop Adapter
|
===========================================================================
|
===========================================================================
| Active Routes:
| Network Destination Netmask Gateway Interface
Metric
| 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.10
1
| 10.0.0.0 255.255.255.0 10.0.0.4 10.0.0.4
10
| 10.0.0.4 255.255.255.255 127.0.0.1 127.0.0.1
10
| 10.0.0.10 255.255.255.255 10.0.0.27 10.0.0.27
1
| 10.0.0.22 255.255.255.255 10.0.0.27 10.0.0.27
1
| 10.0.0.26 255.255.255.255 10.0.0.27 10.0.0.27
1
| 10.0.0.27 255.255.255.255 127.0.0.1 127.0.0.1
50
| 10.0.0.249 255.255.255.255 10.0.0.4 10.0.0.4
1
| 10.255.255.255 255.255.255.255 10.0.0.4 10.0.0.4
10
| 20.0.0.0 255.255.255.0 10.0.0.240 10.0.0.4
1
| 81.139.137.67 255.255.255.255 192.168.1.1 192.168.1.10
1
| 86.130.225.210 255.255.255.255 192.168.1.1 192.168.1.10
1
| 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
1
| 192.168.1.0 255.255.255.0 192.168.1.10 192.168.1.10
20
| 192.168.1.10 255.255.255.255 127.0.0.1 127.0.0.1
20
| 192.168.1.255 255.255.255.255 192.168.1.10 192.168.1.10
20
| 224.0.0.0 240.0.0.0 10.0.0.4 10.0.0.4
10
| 224.0.0.0 240.0.0.0 192.168.1.10 192.168.1.10
20
| 255.255.255.255 255.255.255.255 10.0.0.4 10.0.0.4
1
| 255.255.255.255 255.255.255.255 192.168.1.10 192.168.1.10
1
| Default Gateway: 192.168.1.1
|
===========================================================================
| Persistent Routes:
| None
|
| ---------------------------------------
|
|
| Application Server (Win2003Std):
|
| C:\Documents and Settings\administrator.domain>ipconfig /all
|
| Windows IP Configuration
|
| Host Name . . . . . . . . . . . . : appserver01
| Primary Dns Suffix . . . . . . . : domain.local
| Node Type . . . . . . . . . . . . : Unknown
| IP Routing Enabled. . . . . . . . : No
| WINS Proxy Enabled. . . . . . . . : No
| DNS Suffix Search List. . . . . . : mckeefry.local
|
| Ethernet adapter Local Area Connection:
|
| Connection-specific DNS Suffix . :
| Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
| Physical Address. . . . . . . . . : 00-0D-60-16-06-DB
| DHCP Enabled. . . . . . . . . . . : No
| IP Address. . . . . . . . . . . . : 10.0.0.6
| Subnet Mask . . . . . . . . . . . : 255.255.255.0
| Default Gateway . . . . . . . . . : 10.0.0.4
| DNS Servers . . . . . . . . . . . : 10.0.0.4
|
| C:\Documents and Settings\administrator.domain>route print
|
| IPv4 Route Table
|
===========================================================================
| Interface List
| 0x1 ........................... MS TCP Loopback interface
| 0x10003 ...00 0d 60 16 06 db ...... Broadcom NetXtreme Gigabit Ethernet
|
===========================================================================
|
===========================================================================
| Active Routes:
| Network Destination Netmask Gateway Interface
Metric
| 0.0.0.0 0.0.0.0 10.0.0.4 10.0.0.6
1
| 10.0.0.0 255.255.255.0 10.0.0.6 10.0.0.6
10
| 10.0.0.6 255.255.255.255 127.0.0.1 127.0.0.1
10
| 10.255.255.255 255.255.255.255 10.0.0.6 10.0.0.6
10
| 20.0.0.0 255.255.255.255 10.0.0.240 10.0.0.6
1
| 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
1
| 224.0.0.0 240.0.0.0 10.0.0.6 10.0.0.6
10
| 255.255.255.255 255.255.255.255 10.0.0.6 10.0.0.6
1
| Default Gateway: 10.0.0.4
|
===========================================================================
| Persistent Routes:
| None
|
| Regards
|
| Robbie Niblock
|
|
|
| ""Charles Yang [MSFT]"" <v-chayan@xxxxxxxxxxxxxxxxxxxx> wrote in message
| news:CcUwvb42FHA.1948@xxxxxxxxxxxxxxxxxxxxxxxx
| > HI,
| >
| > Welcome to SBS newsgroup.
| >
| > Issue description:
| > ===============
| >
| > I understand that you want to set routing rules to rule the connection
| > from
| > remote site to windows 2003 server on the main site.
| >
| > Analyzing and suggestions:
| > ===============
| >
| > Before we go any further, can I assume that your network topology
should
| > be
| > following situation:
| >
| > Internet ----[SBS]-[Internal client computer]
| >
| > [remote client PC]--[router on remote site]---[Router on main
| > site]-[switch]---[Windows member server]
| >
| > [UNIX server]
| >
| > Then the SBS and Windows member server also connect to the switch.
| >
| > Generally speaking, this should be the route issue. In order to narrow
| > down
| > the issue, we need to gather the following information:
| >
| > 1. Please run ipconfig/all on SBS server Windows member server UNIX
server
| > and remote site client computer, it is very important to our
| > troubleshooting steps.
| > 2. Please also use route print on the problematic windows 2003 member
| > server and paste the results to the newsgroup.
| > 3. Please use route add to add the 20.0.0.0 on the Windows 2003 member
| > server make sure that the metric is set to 1. You can follow the steps
| > below to add it.
| >
| > Route add destination default gateway (should be the gateway on your
main
| > site router) metric (should be set to 1)
| >
| > Then test if the issue still exists or not?
| >
| > 4. If possible, please also try to change the default gateway on your
| > Windows 2003 member to point to the router internal interface then
reboot
| > your Windows member server try to ping the router's internal interface
on
| > the remote site to see what is the result? Please also paste the route
| > print on Windows 2003 member server also.
| >
| > I really appreciate your understanding on this issue; please feel free
to
| > post back your concerns. I am glad to be of further assistance.
| >
| >
| >
| > Best regards,
| >
| > Charles Yang (MSFT)
| >
| > Microsoft CSS Online Newsgroup Support
| >
| > Get Secure! - www.microsoft.com/security
| >
| > ======================================================
| > This newsgroup only focuses on SBS technical issues. If you have issues
| > regarding other Microsoft products, you'd better post in the
corresponding
| > newsgroups so that they can be resolved in an efficient and timely
manner.
| > You can locate the newsgroup here:
| > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| >
| > When opening a new thread via the web interface, we recommend you check
| > the
| > "Notify me of replies" box to receive e-mail notifications when there
are
| > any updates in your thread. When responding to posts via your
newsreader,
| > please "Reply to Group" so that others may learn and benefit from your
| > issue.
| >
| > Microsoft engineers can only focus on one issue per thread. Although we
| > provide other information for your reference, we recommend you post
| > different incidents in different threads to keep the thread clean. In
| > doing
| > so, it will ensure your issues are resolved in a timely manner.
| >
| > For urgent issues, you may want to contact Microsoft CSS directly.
Please
| > check http://support.microsoft.com for regional support phone numbers.
| >
| > Any input or comments in this thread are highly appreciated.
| > ======================================================
| > This posting is provided "AS IS" with no warranties, and confers no
| > rights.
| >
| >
| > =====================================================
| > When responding to posts, please "Reply to Group" via your newsreader so
| > that others may learn and benefit from your issue.
| > =====================================================
| >
| > This posting is provided "AS IS" with no warranties, and confers no
| > rights.
| >
| > --------------------
| > | From: "Robbie Niblock" <robbie@xxxxxxxxxx>
| > | Subject: VPN Router query
| > | Date: Thu, 27 Oct 2005 15:25:52 +0100
| > | Lines: 43
| > | X-Priority: 3
| > | X-MSMail-Priority: Normal
| > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| > | X-RFC2646: Format=Flowed; Original
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| > | Message-ID: <#c3RTJw2FHA.2292@xxxxxxxxxxxxxxxxxxxx>
| > | Newsgroups: microsoft.public.windows.server.sbs
| > | NNTP-Posting-Host: demon-gw.systemencore.co.uk 80.176.160.1
| > | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
| > | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:165110
| > | X-Tomcat-NG: microsoft.public.windows.server.sbs
| > |
| > | Hi All.
| > |
| > | Long(ish) post here - so apologies.
| > |
| > | I have a client running the following kit;
| > |
| > | SBS2003 Premium SP1 server: 2 x NIC. 1st NIC = 10.0.0.4 / 2nd NIC =
| > | 192.168.1.10. 2nd NIC connected to Draytek router (IP = 192.168.1.1).
| > This
| > | connects to 2MB ASDL.
| > | Server 2003 member server = 10.0.0.5. This machine runs a SQL
| > application.
| > | SCO Openserver 5.0.5 = 10.0.0.3. This machine runs a bespoke
| > application.
| > |
| > | Everything is running nicely on the LAN, but we are having some
problems
| > at
| > | a remote site. This remote site has 4 PCs. They are using 20.0.0.* IP
| > | config. They are all connected to a Draytek ADSL router (20.0.0.1)
and
| > at
| > | present use the windows vpn client to connect to the SBS machine.
We've
| > just
| > | set up a PPTP passthrough on the router at head office. When more that
| > one
| > | person tries to connect from that site at any one time - the session
| > | crashes. This is a known problem with the Draytek - you cannot have
more
| > | than one VPN connection from behind the same router.
| > |
| > | Anyway - they installed a new ADSL connection at head office purely
for
| > VPN.
| > | I connected a new Draytek 2600 router and gave it an IP address of
| > | 10.0.0.240. This router is just connected to the network swtich so it
| > isn't
| > | going through ISA. I then set up Router - Router VPN from the remote
| > Draytek
| > | to the new Draytek at head office (the 10.0.0.240 one) which works
fine.
| > | Now - the easiest box to test the connect is the Unix one. I created a
| > | static route from the Unix box to the remote network (route add
20.0.0.0
| > | 10.0.0.240). The remote site can communicate with the Unix box with no
| > | problems.
| > |
| > | My problem - I used the same route add command on the two Windows
| > servers,
| > | but the remote site cannot communicate with those boxes. Ping doesnt
| > even
| > | work. I realise that command wont keep the route going after a reboot
-
| > but
| > | that isn't the issue - the servers were never rebooted. Does anyone
have
| > any
| > | suggestions, or am I barking up the wrong tree completely by trying
this
| > | configuration?
| > |
| > | Thanks in advance.
| > |
| > | Robbie
| > |
| > |
| > |
| >
|
|
|
.
- Follow-Ups:
- Re: VPN Router query
- From: Robbie Niblock
- Re: VPN Router query
- References:
- RE: VPN Router query
- From: "Charles Yang [MSFT]"
- RE: VPN Router query
- Prev by Date: RE: MS Fax Server on SBS 2003 Premium: Cannot route to printer
- Next by Date: Re: SBS Remote Access to email
- Previous by thread: RE: VPN Router query
- Next by thread: Re: VPN Router query
- Index(es):
Relevant Pages
|
