RE: Remote Access Routing Questions

Hi,

Thanks for posting here!

For your description, I understand that you have some question to
connecting to SBS network though VPN and RWW site. If I am off base, please
don't hesitate to let me know.

I. When we setup VPN connection to some network from internet, the internet
computer will be assigned a private IP address of the network and works
like internal computers and access resources with appropriate permissions.

When we VPN to the SBS network, we surely can access the Companyweb site by
URL: http://companyweb. When you VPN to SBS network, what is error you got
when you try to access the companyweb site?

How you setup VPN connection? By Microsoft VPN client application or third
party application such as router vendor?

II. I would like to explain how RWW works when a remote client connects to
an internal client computer or server box, so that you can have a brief
understanding about RWW issue.

The following is the process:

1. User navigates to the Computer Selection page of the Remote User Portal
in a web browser, and is prompted to download the stanard Terminal Services
ActiveX Component, if necessary.
2. SBS queries the Active Directory for all internal client computers
running an OS that supports Remote Desktop and provides the list to the
user.
3. User selects a computer from the list and presses Connect button.
4. Server listens on TCP port 4125 which is already opened by firewall.
5. SBS creates a connection to the internal client on port 3389 which is
designed for TS and Remote Desktop.
6. The TS ActiveX Control downloaded and installed on the external client
creates a TS connection to the SBS server on port 4125.
7. SBS Server forwards the connection to the internal Remote Desktop client
or itself as a Remote Desktop client.

When you RDP the SBS server, you can operate the server like locally. So I
am not clearly know what is your meaning "The SBS connection can't access
an external web site.". If the server can access external web site, when
you connect the server, it still can access internet.

More information:
How to install and configure a Virtual Private Network server in Windows
Server 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;323441

314076 HOW TO: Configure a Connection to a Virtual Private Network (VPN) in
Windows XP
http://support.microsoft.com/?id=314076

After understanding the RWW/Remote Desktop process, you will know that
after RWW traffic entered internal network, it will use terminal services
and do RDP process, so use the RRAS console, we can not see which one
session from the RWW, which one from VPN or RDP session.

Hope above information helps! I am happy to be assistance of you and look
forward to your reply.

Have a nice day!

Sincerely,

Jenny Wu
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
>From: "CCMiami" <nospam@xxxxxxxxxxxxxxx>
>Newsgroups: microsoft.public.windows.server.sbs
>Subject: Remote Access Routing Questions
>Lines: 24
>X-Priority: 3
>X-MSMail-Priority: Normal
>X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
>X-RFC2646: Format=Flowed; Original
>Message-ID: <cLYef.10366$Mi5.9390@dukeread07>
>Date: Thu, 17 Nov 2005 05:15:09 -0500
>NNTP-Posting-Host: 70.184.241.162
>X-Complaints-To: abuse@xxxxxxx
>X-Trace: dukeread07 1132222536 70.184.241.162 (Thu, 17 Nov 2005 05:15:36
EST)
>NNTP-Posting-Date: Thu, 17 Nov 2005 05:15:36 EST
>Organization: Cox Communications
>Path:
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed00.sul.t-online.de!t-onli
ne.de!border2.nntp.dca.giganews.com!nntp.giganews.com!peer01.cox.net!cox.net
!p01!dukeread07.POSTED!53ab2750!not-for-mail
>Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:223152
>X-Tomcat-NG: microsoft.public.windows.server.sbs
>
>Hi,
>I am trying to understand the VPN routing and how it is different between
a
>"Connect to SBS" connection, made from a remote connection disk, and a VPN
>connection set up manually.
>
>First, these act differently. For example the "SBS" connection can access
>\\companyweb but the VPN can't, but both can access <servername>.local or
>even companyweb.<servername>.local. Why can't the VPN access
\\conpanyweb?
>How are these not the same thing?
>
>The SBS connection can't access an external web site. What makes the
server
>perform the routing?
>
>I have configured the VPN connection to allow direct local access by
>unchecking "Use default gateway on remote network". I don't know how to
do
>the same with the "remote connection disk"? How do I set the parameters
of
>the remote connection disk?
>
>On a somewhat related note - how would I create a VPN user that is not an
>SBS user (For access to a secure web site, CVS server, etc).
>
>Thanks!
>
>
>

.