RE: SBS 2003 and WAN connections useing Cisco Routers
- From: v-crinal@xxxxxxxxxxxxxxxxxxxx ("Crina Li")
- Date: Fri, 23 Dec 2005 03:55:43 GMT
Hi Tim,
Thank you for posting in SBS newsgroup.
To narrow down the problem, would you please help me collect the following
information?
1. How do you create VPN between SBS and remote office? You said "we go to
a remote location and try to connect to the server through our T1 and
routers", do you mean you have created VPN using router to router or router
to SBS?
2. What is the error you got when you access SBS form remote location?
3. How many NICs on your SBS? Can you describe your detailed network
diagram?
Currently, I provide some general steps below to configure VPN access on an
SBS environment?
1. Run CEICW, follow the wizard and select Enable firewall and then make
sure Virtual Private Networking (VPN) is selected in the Services
Configuration page. And make sure you have typed the public FQDN of the SBS
server on the Web Server Certificate page.
2. Run Remote Access Wizard in Server Management\Internet and
E-mail\Configure Remote Access, and select VPN access in the Remote Access
Method page. After finishing this wizard, RRAS is configured to allow
inbound VPN access, and it can assign IP addresses to the VPN clients by
using DHCP.
Note: When we run the remote access wizard to set up the VPN service, we
need to input the public IP address or the public FQDN of the SBS server.
We need to make sure that the address can be accessed from the internet.
3. On the VPN client, go to https://publicFQDN/remote, clear I'm using a
public or shared computer, log in and download Connection Manager.
4. Install Connection Manager on the VPN client.
5. If there is ISA Server installed, this issue may occur because the
Configure E-mail and Internet Connection Wizard (sometimes known as CEICW)
does not enable PPTP connections through the Microsoft Internet Security
and Acceleration (ISA) firewall. For more info, please refer to:
886621 You receive an "Unable to establish the VPN connection" error
message
http://support.microsoft.com/?id=886621
6. Is there a hardware router installed in front of the SBS server? If so,
ensure that the port forwarding for TCP 1723 and GRE port (protocol number
47) are opened. PPTP VPN is negotiating a connection on TCP port 1723 and
send data to and from the PPTP server using the GRE protocol (IP Protocol
47, 0x2F if you are looking in Network Monitor). You should open port 1723
on the router and also make sure IP Protocol 47 is allowed.
Regarding information:
323441 How To Install and Configure a Virtual Private Network Server in
Windows
http://support.microsoft.com/?id=323441
305550 How to configure a VPN connection to your corporate network in
Windows
http://support.microsoft.com/?id=305550
For remote access between two offices, I also provide the following
document for your reference:
Connecting a Remote Office to a Small Business Server 2000 Network
http://www.microsoft.com/technet/prodtechnol/sbs/2000/maintain/remotofc.mspx
Note: this article is for SBS 2000 network but it can also apply to SBS
2003 network.
319108 Error Message: VPN Connection Error 800: Unable to Establish
Connection
http://support.microsoft.com/?id=319108
888711 Site-to-site VPN in ISA Server 2004
http://support.microsoft.com/?id=888711
812076 HOW TO: Enable a Cisco IPSec VPN Client to Connect to a Cisco VPN
http://support.microsoft.com/?id=812076
Virtual Private Networking with Windows Server 2003: Deploying Site-to-Site
VPNs
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechn
ol/windowsserver2003/deploy/confeat/vpndpls2.asp
Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
Server to Windows 2000 RRAS - Part 1
http://www.isaserver.org/tutorials/g2gisa2rraspart1.html
Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
Server to Windows 2000 RRAS - Part 2
http://www.isaserver.org/articles/g2gisa2rraspart2.html
Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
Server to Branch Office ISA Server/Domain Controller - Part 1
http://www.isaserver.org/tutorials/gatewaytogatewaywithdc.html
Joining Networks over the Internet with a Gateway to Gateway VPN: ISA
Server to Branch Office ISA Server/Domain Controller - Part 2
http://www.isaserver.org/tutorials/gatewaytogatewaywithdcpart2.html
I appreciate your time and I look forward to your reply.
Best regards,
Crina Li (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: SBS 2003 and WAN connections useing Cisco Routers
|| From: "=?Utf-8?B?VGltODQzOQ==?=" <Tim8439@xxxxxxxxxxxxxxxxxxxxxxxxx>
| Subject: SBS 2003 and WAN connections useing Cisco Routers
| Date: Thu, 22 Dec 2005 09:28:02 -0800
| | Newsgroups: microsoft.public.windows.server.sbs
| |
| SBS 2003 is up and running fine in our Corp office but when we go to a
remote
| location and try to connect to the server throuogh our T1 and routers we
get
| no reply back from the server. all connections in the Corp office can see
the
| server just fine, also we can see all the other servers we have at Corp
from
| remote location with no problem and can ping them, but the SBS server
will
| not respond at all. ??
|
.
- Prev by Date: Re: Group Policy Not Being Picked Up by Client
- Next by Date: Re: Record/Audit User Activity on Share Folder
- Previous by thread: Re: SBS 2003 and WAN connections useing Cisco Routers
- Next by thread: Queues in Exchange
- Index(es):
Relevant Pages
|
