Re: VPN Router query
- From: "Robbie Niblock" <robbie@xxxxxxxxxx>
- Date: Mon, 31 Oct 2005 09:30:40 -0000
I will do what you suggested and get back to you. Thankyou for your help.
""Charles Yang [MSFT]"" <v-chayan@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:427hxse3FHA.2904@xxxxxxxxxxxxxxxxxxxxxxxx
> Hi,
>
> Thanks for updates.
>
> From your route print, it seems there is some problem on the routing
> table,
> first you need to change the metric of 0.0.0.0 from 1 to 20, as I test it
> would be set to 20 by default on every workstation and server computer.
>
> Please also delete the routing rule for 20.0.0.0 then create a new rule
> for
> 20.0.0.0 make sure that network work mask is set to 255.255.255.0 and
> metric is set to 1.
>
> If possible, we suggest you try to check to see if you can change the
> default gateway on the Windows 2003 server to point to the router directly
> to see if you can access the Windows 2003 server directly from remote
> site;
> it will help us isolate the issue more clearly.
>
>
> Thanks again for your effort on this issue. I am glad to be of further
> assistance.
>
>
>
> Best regards,
>
> Charles Yang (MSFT)
>
> Microsoft CSS Online Newsgroup Support
>
> Get Secure! - www.microsoft.com/security
>
> ======================================================
> This newsgroup only focuses on SBS technical issues. If you have issues
> regarding other Microsoft products, you'd better post in the corresponding
> newsgroups so that they can be resolved in an efficient and timely manner.
> You can locate the newsgroup here:
> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>
> When opening a new thread via the web interface, we recommend you check
> the
> "Notify me of replies" box to receive e-mail notifications when there are
> any updates in your thread. When responding to posts via your newsreader,
> please "Reply to Group" so that others may learn and benefit from your
> issue.
>
> Microsoft engineers can only focus on one issue per thread. Although we
> provide other information for your reference, we recommend you post
> different incidents in different threads to keep the thread clean. In
> doing
> so, it will ensure your issues are resolved in a timely manner.
>
> For urgent issues, you may want to contact Microsoft CSS directly. Please
> check http://support.microsoft.com for regional support phone numbers.
>
> Any input or comments in this thread are highly appreciated.
> ======================================================
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
>
> =====================================================
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
> =====================================================
>
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
> --------------------
> | From: "Robbie Niblock" <robbie@xxxxxxxxxx>
> | References: <#c3RTJw2FHA.2292@xxxxxxxxxxxxxxxxxxxx>
> <CcUwvb42FHA.1948@xxxxxxxxxxxxxxxxxxxxx>
> | Subject: Re: VPN Router query
> | Date: Fri, 28 Oct 2005 12:57:14 +0100
> | Lines: 341
> | X-Priority: 3
> | X-MSMail-Priority: Normal
> | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
> | X-RFC2646: Format=Flowed; Original
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
> | Message-ID: <e91W#a72FHA.3296@xxxxxxxxxxxxxxxxxxxx>
> | Newsgroups: microsoft.public.windows.server.sbs
> | NNTP-Posting-Host: demon-gw.systemencore.co.uk 80.176.160.1
> | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09.phx.gbl
> | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:165496
> | X-Tomcat-NG: microsoft.public.windows.server.sbs
> |
> | Charles
> |
> | Thankyou for the response!
> |
> | First of all - I also need the remote site to access the SBS machine.
> |
> | Here are the ipconfig /all and route print results:
> |
> |
> | SBS Machine:
> |
> | Windows IP Configuration
> |
> |
> |
> | Host Name . . . . . . . . . . . . : server01
> | Primary Dns Suffix . . . . . . . : domain.local
> | Node Type . . . . . . . . . . . . : Unknown
> | IP Routing Enabled. . . . . . . . : Yes
> | WINS Proxy Enabled. . . . . . . . : Yes
> | DNS Suffix Search List. . . . . . : mckeefry.local
> |
> |
> | Ethernet adapter Server Local Area Connection:
> |
> |
> | Connection-specific DNS Suffix . :
> |
> | Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
> Ethernet
> | Physical Address. . . . . . . . . : 00-09-6B-A5-A5-36
> | DHCP Enabled. . . . . . . . . . . : No
> | IP Address. . . . . . . . . . . . : 10.0.0.4
> | Subnet Mask . . . . . . . . . . . : 255.255.255.0
> | Default Gateway . . . . . . . . . :
> | DNS Servers . . . . . . . . . . . : 10.0.0.4
> | Primary WINS Server . . . . . . . : 10.0.0.4
> |
> |
> | PPP adapter RAS Server (Dial In) Interface:
> |
> | Connection-specific DNS Suffix . :
> |
> | Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
> | Physical Address. . . . . . . . . : 00-53-45-00-00-00
> | DHCP Enabled. . . . . . . . . . . : No
> | IP Address. . . . . . . . . . . . : 10.0.0.27
> | Subnet Mask . . . . . . . . . . . : 255.255.255.255
> | Default Gateway . . . . . . . . . :
> | NetBIOS over Tcpip. . . . . . . . : Disabled
> |
> |
> |
> | Ethernet adapter Router Connection:
> |
> | Connection-specific DNS Suffix . :
> | Description . . . . . . . . . . . : Intel(R) PRO/100 S Desktop
> Adapter
> | Physical Address. . . . . . . . . : 00-02-B3-D7-12-E9
> | DHCP Enabled. . . . . . . . . . . : No
> | IP Address. . . . . . . . . . . . : 192.168.1.10
> | Subnet Mask . . . . . . . . . . . : 255.255.255.0
> | Default Gateway . . . . . . . . . : 192.168.1.1
> | DNS Servers . . . . . . . . . . . : 10.0.0.4
> | NetBIOS over Tcpip. . . . . . . . : Disabled
> |
> | C:\Documents and Settings\Administrator>route print
> |
> | IPv4 Route Table
> |
> ===========================================================================
> | Interface List
> | 0x1 ........................... MS TCP Loopback interface
> | 0x2 ...00 09 6b a5 a5 36 ...... Broadcom NetXtreme Gigabit Ethernet -
> Packet
> | eduler Miniport
> | 0x10003 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
> | 0x10004 ...00 02 b3 d7 12 e9 ...... Intel(R) PRO/100 S Desktop Adapter
> |
> ===========================================================================
> |
> ===========================================================================
> | Active Routes:
> | Network Destination Netmask Gateway Interface
> Metric
> | 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.10
> 1
> | 10.0.0.0 255.255.255.0 10.0.0.4 10.0.0.4
> 10
> | 10.0.0.4 255.255.255.255 127.0.0.1 127.0.0.1
> 10
> | 10.0.0.10 255.255.255.255 10.0.0.27 10.0.0.27
> 1
> | 10.0.0.22 255.255.255.255 10.0.0.27 10.0.0.27
> 1
> | 10.0.0.26 255.255.255.255 10.0.0.27 10.0.0.27
> 1
> | 10.0.0.27 255.255.255.255 127.0.0.1 127.0.0.1
> 50
> | 10.0.0.249 255.255.255.255 10.0.0.4 10.0.0.4
> 1
> | 10.255.255.255 255.255.255.255 10.0.0.4 10.0.0.4
> 10
> | 20.0.0.0 255.255.255.0 10.0.0.240 10.0.0.4
> 1
> | 81.139.137.67 255.255.255.255 192.168.1.1 192.168.1.10
> 1
> | 86.130.225.210 255.255.255.255 192.168.1.1 192.168.1.10
> 1
> | 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
> 1
> | 192.168.1.0 255.255.255.0 192.168.1.10 192.168.1.10
> 20
> | 192.168.1.10 255.255.255.255 127.0.0.1 127.0.0.1
> 20
> | 192.168.1.255 255.255.255.255 192.168.1.10 192.168.1.10
> 20
> | 224.0.0.0 240.0.0.0 10.0.0.4 10.0.0.4
> 10
> | 224.0.0.0 240.0.0.0 192.168.1.10 192.168.1.10
> 20
> | 255.255.255.255 255.255.255.255 10.0.0.4 10.0.0.4
> 1
> | 255.255.255.255 255.255.255.255 192.168.1.10 192.168.1.10
> 1
> | Default Gateway: 192.168.1.1
> |
> ===========================================================================
> | Persistent Routes:
> | None
> |
> | ---------------------------------------
> |
> |
> | Application Server (Win2003Std):
> |
> | C:\Documents and Settings\administrator.domain>ipconfig /all
> |
> | Windows IP Configuration
> |
> | Host Name . . . . . . . . . . . . : appserver01
> | Primary Dns Suffix . . . . . . . : domain.local
> | Node Type . . . . . . . . . . . . : Unknown
> | IP Routing Enabled. . . . . . . . : No
> | WINS Proxy Enabled. . . . . . . . : No
> | DNS Suffix Search List. . . . . . : mckeefry.local
> |
> | Ethernet adapter Local Area Connection:
> |
> | Connection-specific DNS Suffix . :
> | Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
> Ethernet
> | Physical Address. . . . . . . . . : 00-0D-60-16-06-DB
> | DHCP Enabled. . . . . . . . . . . : No
> | IP Address. . . . . . . . . . . . : 10.0.0.6
> | Subnet Mask . . . . . . . . . . . : 255.255.255.0
> | Default Gateway . . . . . . . . . : 10.0.0.4
> | DNS Servers . . . . . . . . . . . : 10.0.0.4
> |
> | C:\Documents and Settings\administrator.domain>route print
> |
> | IPv4 Route Table
> |
> ===========================================================================
> | Interface List
> | 0x1 ........................... MS TCP Loopback interface
> | 0x10003 ...00 0d 60 16 06 db ...... Broadcom NetXtreme Gigabit Ethernet
> |
> ===========================================================================
> |
> ===========================================================================
> | Active Routes:
> | Network Destination Netmask Gateway Interface
> Metric
> | 0.0.0.0 0.0.0.0 10.0.0.4 10.0.0.6
> 1
> | 10.0.0.0 255.255.255.0 10.0.0.6 10.0.0.6
> 10
> | 10.0.0.6 255.255.255.255 127.0.0.1 127.0.0.1
> 10
> | 10.255.255.255 255.255.255.255 10.0.0.6 10.0.0.6
> 10
> | 20.0.0.0 255.255.255.255 10.0.0.240 10.0.0.6
> 1
> | 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
> 1
> | 224.0.0.0 240.0.0.0 10.0.0.6 10.0.0.6
> 10
> | 255.255.255.255 255.255.255.255 10.0.0.6 10.0.0.6
> 1
> | Default Gateway: 10.0.0.4
> |
> ===========================================================================
> | Persistent Routes:
> | None
> |
> | Regards
> |
> | Robbie Niblock
> |
> |
> |
> | ""Charles Yang [MSFT]"" <v-chayan@xxxxxxxxxxxxxxxxxxxx> wrote in message
> | news:CcUwvb42FHA.1948@xxxxxxxxxxxxxxxxxxxxxxxx
> | > HI,
> | >
> | > Welcome to SBS newsgroup.
> | >
> | > Issue description:
> | > ===============
> | >
> | > I understand that you want to set routing rules to rule the connection
> | > from
> | > remote site to windows 2003 server on the main site.
> | >
> | > Analyzing and suggestions:
> | > ===============
> | >
> | > Before we go any further, can I assume that your network topology
> should
> | > be
> | > following situation:
> | >
> | > Internet ----[SBS]-[Internal client computer]
> | >
> | > [remote client PC]--[router on remote site]---[Router on main
> | > site]-[switch]---[Windows member server]
> | >
> | > [UNIX server]
> | >
> | > Then the SBS and Windows member server also connect to the switch.
> | >
> | > Generally speaking, this should be the route issue. In order to narrow
> | > down
> | > the issue, we need to gather the following information:
> | >
> | > 1. Please run ipconfig/all on SBS server Windows member server UNIX
> server
> | > and remote site client computer, it is very important to our
> | > troubleshooting steps.
> | > 2. Please also use route print on the problematic windows 2003 member
> | > server and paste the results to the newsgroup.
> | > 3. Please use route add to add the 20.0.0.0 on the Windows 2003 member
> | > server make sure that the metric is set to 1. You can follow the steps
> | > below to add it.
> | >
> | > Route add destination default gateway (should be the gateway on your
> main
> | > site router) metric (should be set to 1)
> | >
> | > Then test if the issue still exists or not?
> | >
> | > 4. If possible, please also try to change the default gateway on your
> | > Windows 2003 member to point to the router internal interface then
> reboot
> | > your Windows member server try to ping the router's internal interface
> on
> | > the remote site to see what is the result? Please also paste the route
> | > print on Windows 2003 member server also.
> | >
> | > I really appreciate your understanding on this issue; please feel free
> to
> | > post back your concerns. I am glad to be of further assistance.
> | >
> | >
> | >
> | > Best regards,
> | >
> | > Charles Yang (MSFT)
> | >
> | > Microsoft CSS Online Newsgroup Support
> | >
> | > Get Secure! - www.microsoft.com/security
> | >
> | > ======================================================
> | > This newsgroup only focuses on SBS technical issues. If you have
> issues
> | > regarding other Microsoft products, you'd better post in the
> corresponding
> | > newsgroups so that they can be resolved in an efficient and timely
> manner.
> | > You can locate the newsgroup here:
> | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
> | >
> | > When opening a new thread via the web interface, we recommend you
> check
> | > the
> | > "Notify me of replies" box to receive e-mail notifications when there
> are
> | > any updates in your thread. When responding to posts via your
> newsreader,
> | > please "Reply to Group" so that others may learn and benefit from your
> | > issue.
> | >
> | > Microsoft engineers can only focus on one issue per thread. Although
> we
> | > provide other information for your reference, we recommend you post
> | > different incidents in different threads to keep the thread clean. In
> | > doing
> | > so, it will ensure your issues are resolved in a timely manner.
> | >
> | > For urgent issues, you may want to contact Microsoft CSS directly.
> Please
> | > check http://support.microsoft.com for regional support phone numbers.
> | >
> | > Any input or comments in this thread are highly appreciated.
> | > ======================================================
> | > This posting is provided "AS IS" with no warranties, and confers no
> | > rights.
> | >
> | >
> | > =====================================================
> | > When responding to posts, please "Reply to Group" via your newsreader
> so
> | > that others may learn and benefit from your issue.
> | > =====================================================
> | >
> | > This posting is provided "AS IS" with no warranties, and confers no
> | > rights.
> | >
> | > --------------------
> | > | From: "Robbie Niblock" <robbie@xxxxxxxxxx>
> | > | Subject: VPN Router query
> | > | Date: Thu, 27 Oct 2005 15:25:52 +0100
> | > | Lines: 43
> | > | X-Priority: 3
> | > | X-MSMail-Priority: Normal
> | > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
> | > | X-RFC2646: Format=Flowed; Original
> | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
> | > | Message-ID: <#c3RTJw2FHA.2292@xxxxxxxxxxxxxxxxxxxx>
> | > | Newsgroups: microsoft.public.windows.server.sbs
> | > | NNTP-Posting-Host: demon-gw.systemencore.co.uk 80.176.160.1
> | > | Path:
> TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
> | > | Xref: TK2MSFTNGXA01.phx.gbl
> microsoft.public.windows.server.sbs:165110
> | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
> | > |
> | > | Hi All.
> | > |
> | > | Long(ish) post here - so apologies.
> | > |
> | > | I have a client running the following kit;
> | > |
> | > | SBS2003 Premium SP1 server: 2 x NIC. 1st NIC = 10.0.0.4 / 2nd NIC =
> | > | 192.168.1.10. 2nd NIC connected to Draytek router (IP =
> 192.168.1.1).
> | > This
> | > | connects to 2MB ASDL.
> | > | Server 2003 member server = 10.0.0.5. This machine runs a SQL
> | > application.
> | > | SCO Openserver 5.0.5 = 10.0.0.3. This machine runs a bespoke
> | > application.
> | > |
> | > | Everything is running nicely on the LAN, but we are having some
> problems
> | > at
> | > | a remote site. This remote site has 4 PCs. They are using 20.0.0.*
> IP
> | > | config. They are all connected to a Draytek ADSL router (20.0.0.1)
> and
> | > at
> | > | present use the windows vpn client to connect to the SBS machine.
> We've
> | > just
> | > | set up a PPTP passthrough on the router at head office. When more
> that
> | > one
> | > | person tries to connect from that site at any one time - the session
> | > | crashes. This is a known problem with the Draytek - you cannot have
> more
> | > | than one VPN connection from behind the same router.
> | > |
> | > | Anyway - they installed a new ADSL connection at head office purely
> for
> | > VPN.
> | > | I connected a new Draytek 2600 router and gave it an IP address of
> | > | 10.0.0.240. This router is just connected to the network swtich so
> it
> | > isn't
> | > | going through ISA. I then set up Router - Router VPN from the remote
> | > Draytek
> | > | to the new Draytek at head office (the 10.0.0.240 one) which works
> fine.
> | > | Now - the easiest box to test the connect is the Unix one. I created
> a
> | > | static route from the Unix box to the remote network (route add
> 20.0.0.0
> | > | 10.0.0.240). The remote site can communicate with the Unix box with
> no
> | > | problems.
> | > |
> | > | My problem - I used the same route add command on the two Windows
> | > servers,
> | > | but the remote site cannot communicate with those boxes. Ping doesnt
> | > even
> | > | work. I realise that command wont keep the route going after a
> reboot
> -
> | > but
> | > | that isn't the issue - the servers were never rebooted. Does anyone
> have
> | > any
> | > | suggestions, or am I barking up the wrong tree completely by trying
> this
> | > | configuration?
> | > |
> | > | Thanks in advance.
> | > |
> | > | Robbie
> | > |
> | > |
> | > |
> | >
> |
> |
> |
>
.
- References:
- RE: VPN Router query
- From: "Charles Yang [MSFT]"
- Re: VPN Router query
- From: "Charles Yang [MSFT]"
- RE: VPN Router query
- Prev by Date: RE: RemoteAccess service is Stop Pending
- Next by Date: Re: Help and Support Center hangs on second search
- Previous by thread: Re: VPN Router query
- Next by thread: Re: Fax Server wont configure
- Index(es):
Relevant Pages
|
