RE: Remote desktop over a VPN
- From: v-crinal@xxxxxxxxxxxxxxxxxxxx ("Crina Li")
- Date: Thu, 17 Nov 2005 03:26:15 GMT
Hi Omar,
Thank you for posting in SBS newsgroup.
>From the description, I understand the issue to be: you have created VPN
from SBS to remote network, however you can not VPN to remote network from
SBS LAN client computer. If I have misunderstood your concerns, please do
not hesitate to let me know.
This issue may occur because the ISA Server Firewall Client program does
not support a PPTP-based VPN connection.
For detailed information, please refer to the following KB article:
887006 When you use the ISA 2004 Firewall Client program, you cannot make a
http://support.microsoft.com/?id=887006
As I know, the firewall client application identifies the internal/external
traffic according to the LAT and the routing table. When the traffic is
identified as outgoing external traffic, it would be picked up by the
firewall client application and then sent to the ISA server. Since the
remote VPN network is not in the local ISA server's LAT (for ISA 2004, it's
the address range of internal network objects), the firewall client picks
up the traffic and send it to the ISA server. This caused the problem.
Generally speaking, to use a VPN client through the ISA server, we
recommend the client use SecureNAT mode. You may refer to the following KB
article for the detailed information:
838245 How to permit PPTP clients to access the external network through ISA
http://support.microsoft.com/?id=838245
283628 How to Enable PPTP Clients to Connect Through an ISA Firewall
http://support.microsoft.com/?id=283628
Also, you may try to add the remote LAN address range into the local ISA
server 'Internal' network address range. Go to the ISA server. Open ISA
Management console. Navigate to Configuration\Network. Open the properties
of the Internal network object. Add the remote LAN address range into the
object.
If the problem still occurs, would you please help me collect the following
information?
1. What is the detailed network diagram? Is it as following?
LAN-SBS-Router--------------VPN--------------Router-remote network
Can you help me describe the detailed steps you have performed to create
VPN and the detailed network diagram of remote network?
2. What is the detailed error message when you VPN to remote network? Can
you get an ipconfig/all results on SBS and remote client computer and LAN
computer?
3. Can you confirm that the remote client computer has allowed the remote
desktop? Please check the remote client as following:
1) You can right click My Computer and select Properties and then check if
Allow users to connect remotely to this computer on Remote tab on the
computer is selected.
2) You can also make sure the user account is added to the Remote Users
group of the remote client computer.
4. Is there a hardware router/firewall installed in front of the SBS
server?
More information:
For remote access between two offices, I also provide the following
document for your reference:
Connecting a Remote Office to a Small Business Server 2000 Network
http://www.microsoft.com/technet/prodtechnol/sbs/2000/maintain/remotofc.mspx
Note: this article is for SBS 2000 network but it can also apply to SBS
2003 network.
323441 How To Install and Configure a Virtual Private Network Server in
Windows
http://support.microsoft.com/?id=323441
888711 Site-to-site VPN in ISA Server 2004
http://support.microsoft.com/?id=888711
812076 HOW TO: Enable a Cisco IPSec VPN Client to Connect to a Cisco VPN
http://support.microsoft.com/?id=812076
Virtual Private Networking with Windows Server 2003: Deploying Site-to-Site
VPNs
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechn
ol/windowsserver2003/deploy/confeat/vpndpls2.asp
Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
Server to Windows 2000 RRAS - Part 1
http://www.isaserver.org/tutorials/g2gisa2rraspart1.html
Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
Server to Windows 2000 RRAS - Part 2
http://www.isaserver.org/articles/g2gisa2rraspart2.html
Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
Server to Branch Office ISA Server/Domain Controller - Part 1
http://www.isaserver.org/tutorials/gatewaytogatewaywithdc.html
Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
Server to Branch Office ISA Server/Domain Controller - Part 2
http://www.isaserver.org/tutorials/gatewaytogatewaywithdcpart2.html
I hope the above information helps. If you have any questions or concerns,
please feel free to let me know. I look forward to your reply!
Best regards,
Crina Li (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: "Omar Seri" <omar.seri@xxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| Subject: Remote desktop over a VPN
| Date: 15 Nov 2005 18:02:49 -0800
| Organization: http://groups.google.com
| |
| I have SBS 2003 with ISA 2004 in my local network, and I'm trying to
| get access to a remote network host using remote desktop.
| I created a VPN from the local ISA 2004 and the remote Linksys WRV54G
| using IPSEC.
| The tunnel works fine: from a client in the local network I can ping a
| host in the remote network. And if in the local network client I
| deactivate the ISA firewall client and I try remote desktop to the same
| host I can ping, I get the remote desktop window but I never get the
| logging window to go on. After a while, an error says that the remote
| connection has been interrupted.
| Could someone help me with this? I would appreciate.
|
|
.
- Follow-Ups:
- Re: Remote desktop over a VPN
- From: Omar Seri
- Re: Remote desktop over a VPN
- From: Omar Seri
- Re: Remote desktop over a VPN
- Prev by Date: sharepoint - feature overview
- Next by Date: Re: Can we just receive e-mail and block outgoing e-mail in SBS2003?
- Previous by thread: sharepoint - feature overview
- Next by thread: Re: Remote desktop over a VPN
- Index(es):
Relevant Pages
|
