RE: VPN Connection Problems
- From: Michael Rudnick <news@xxxxxxxxxxxxxxxxx>
- Date: Wed, 18 Jan 2006 15:29:04 -0800
After reviewing the notes you gave, we are still having problems.
Note that we are able to successfully VPN into the office. We are not able
to browse the network, RDP to the server or even ping the server.
One thing I noticed is that the Default Gateway on the client is listed as
the IP address of the client. This is different from another SBS server
(different network) where the Default Gateway is blank.
Here is the IP information:
SERVER
Windows IP Configuration
Host Name . . . . . . . . . . . . : server
Primary Dns Suffix . . . . . . . : OceansideMortgageGroup.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : OceansideMortgageGroup.local
Ethernet adapter LAN:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/100 S Server Adapter
Physical Address. . . . . . . . . : 00-0E-0C-A0-4C-1F
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.16.1
Primary WINS Server . . . . . . . : 192.168.16.1
PPP adapter RAS Server (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.220
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter WAN:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/100 S Server Adapter #2
Physical Address. . . . . . . . . : 00-0E-0C-A0-4F-8B
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.200
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.16.1
NetBIOS over Tcpip. . . . . . . . : Disabled
CLIENT
Windows IP Configuration
Host Name . . . . . . . . . . . . : laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 3Com 3C920 Integrated Fast
Ethernet
Controller (3C905C-TX Compatible)
Physical Address. . . . . . . . . : 00-08-74-E2-32-08
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.148
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.2
DHCP Server . . . . . . . . . . . : 192.168.2.2
DNS Servers . . . . . . . . . . . : 68.9.16.30
68.13.16.30
Lease Obtained. . . . . . . . . . : Wednesday, January 18, 2006
3:53:08
PM
Lease Expires . . . . . . . . . . : Thursday, January 19, 2006
3:53:08 P
M
PPP adapter Oceanside:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.17
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 192.168.16.17
DNS Servers . . . . . . . . . . . : 192.168.16.1
Primary WINS Server . . . . . . . : 192.168.16.1
Is the presence of the Default Gateway on the client causing the problem?
Are there other suggestions you have?
Thanks.
--
Michael Rudnick
news@xxxxxxxxxxxxxxxxx
v-crinal@xxxxxxxxxxxxxxxxxxxx ("Crina Li") wrote in
news:572lHw$GGHA.3764@xxxxxxxxxxxxxxxxxxxxx:
> Hi Michael,
>
> Thanks for your update.
>
> Please feel free to let me know if you have any further concerns. I am
> looking forward to your reply.
>
> Have a great day!
>
> Best regards,
>
> Crina Li (MSFT)
>
> Microsoft CSS Online Newsgroup Support
>
> Get Secure! - www.microsoft.com/security
>
> =====================================================
> This newsgroup only focuses on SBS technical issues. If you have
> issues regarding other Microsoft products, you'd better post in the
> corresponding newsgroups so that they can be resolved in an efficient
> and timely manner. You can locate the newsgroup here:
> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>
> When opening a new thread via the web interface, we recommend you
> check the "Notify me of replies" box to receive e-mail notifications
> when there are any updates in your thread. When responding to posts
> via your newsreader, please "Reply to Group" so that others may learn
> and benefit from your issue.
>
> Microsoft engineers can only focus on one issue per thread. Although
> we provide other information for your reference, we recommend you post
> different incidents in different threads to keep the thread clean. In
> doing so, it will ensure your issues are resolved in a timely manner.
>
> For urgent issues, you may want to contact Microsoft CSS directly.
> Please check http://support.microsoft.com for regional support phone
> numbers.
>
> Any input or comments in this thread are highly appreciated.
>
> =====================================================
>
> This posting is provided "AS IS" with no warranties, and confers no
> rights. --------------------
>| Subject: RE: VPN Connection Problems
>| From: Michael Rudnick <news@xxxxxxxxxxxxxxxxx>
>| References: <Xns9743A4C2B122Dnewsrccpcsupportcom@xxxxxxxxxxxxx>
> <HCdA0hPFGHA.3944@xxxxxxxxxxxxxxxxxxxxx>
>| Message-ID: <Xns974EB13907BC5newsrccpcsupportcom@xxxxxxxxxxxxx>
>| User-Agent: Xnews/5.04.25
>| Newsgroups: microsoft.public.windows.server.sbs
>| Date: Tue, 17 Jan 2006 14:25:41 -0800
>| NNTP-Posting-Host: wsip-24-249-30-228.ri.ri.cox.net 24.249.30.228
>| Lines: 1
>| Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
>| Xref: TK2MSFTNGXA02.phx.gbl
>| microsoft.public.windows.server.sbs:237466 X-Tomcat-NG:
>| microsoft.public.windows.server.sbs
>|
>| We are going to the client's office tomorrow and will use these
> suggestions
>| to see if we can get it working properly.
>|
>| Thanks for your help.
>|
>| --
>| Michael Rudnick
>| news@xxxxxxxxxxxxxxxxx
>|
>|
>| v-crinal@xxxxxxxxxxxxxxxxxxxx ("Crina Li") wrote in
>| news:HCdA0hPFGHA.3944@xxxxxxxxxxxxxxxxxxxxx:
>|
>| > Hi Michael,
>| >
>| > Thank you for posting in SBS newsgroup.
>| >
>| > I am sorry for the delayed response due to weekend. Please
>| > understand that the newsgroups are staffed weekdays by Microsoft
>| > Support professionals to answer your systems and applications
>| > questions. Your understanding is greatly appreciated!
>| >
>| > From the description, I understand the issue to be: you have set up
>| > the VPN from WAN to LAN, and you have a router on WAN network,
>| > however, you can not ping anything on the SBS network from WAN. If
>| > I have misunderstood your concerns, please do not hesitate to let
>| > me know.
>| >
>| > Generally, you may follow the steps below to configure VPN access
>| > on an SBS environment:
>| >
>| > 1. Run CEICW, follow the wizard and select Enable firewall and
>| > then make sure Virtual Private Networking (VPN) is selected in the
>| > Services Configuration page. And make sure you have typed the
>| > public FQDN of the SBS server on the Web Server Certificate page.
>| > 2. Run Remote Access Wizard in Server Management\Internet and
>| > E-mail\Configure Remote Access, and select VPN access in the Remote
>| > Access Method page. After finishing this wizard, RRAS is configured
>| > to allow inbound VPN access, and it can assign IP addresses to the
>| > VPN clients by using DHCP.
>| >
>| > Note: When we run the remote access wizard to set up the VPN
>| > service, we
>| > need to input the public IP address or the public FQDN of the
>| > SBS server. We need to make sure that the address can be accessed
>| > from the internet.
>| >
>| > 3. On the VPN client, go to https://publicFQDN/remote, clear
>| > I'm using a public or shared computer, log in and download
>| > Connection Manager. 4. Install Connection Manager on the VPN
>| > client.
>| >
>| > If there is a hardware router/firewall installed in front of the
>| > SBS server please make sure that the port forwarding for TCP 1723
>| > and GRE port (protocol number 47) are opened. PPTP VPN is
>| > negotiating a connection on TCP port 1723 and send data to and from
>| > the PPTP server using the GRE protocol (IP Protocol 47, 0x2F if you
>| > are looking in Network Monitor). You should open port 1723 on the
>| > router/firewall and also make sure IP Protocol 47 is allowed.
>| >
>| > If you have followed the above steps, please try the following to
>| > see if it helps:
>| >
>| > As I know, there is a known issue when you are using the ISA Server
>| > 2000 on the SBS Server. If that is the case, please call PSS to
>| > obtain and apply the hotfix to see if the problem can be resolved:
>| >
>| > 897651 VPN clients can no longer access internal resources after
>| > you install Windows Server 2003 Service Pack 1 on a computer that
>| > is running ISA Server 2000
>| > http://support.microsoft.com/default.aspx?scid=kb;EN-US;897651
>| >
>| > If it does not help, please check the following settings:
>| >
>| > 1. Make sure that you have selected Enable NetBIOS over TCP/IP
>| > and the Computer Browser service on remote computer and SBS as
>| > following:
>| >
>| > 1) Right click My Network Places and select Properties.
>| > 2) Right click Local Area Connection (client computer)/Network
>| > Connection (server) and select Properties.
>| > 3) Click Internet Protocol (TCP/IP) and high light it. Click
>| > Properties. 4) On the General tab, click Advanced. Go to WINS
>| > tab. 5) Make sure that you select Enable NetBIOS over TCP/IP.
>| > 6) Click OK twice and close all the windows.
>| >
>| > For detailed information, please refer to the following KB
>| > article:
>| >
>| > 827603 Remote users cannot see a Windows Small Business Server
>| > 2003
>| > computer in
>| > http://support.microsoft.com/?id=827603
>| >
>| > 318030 You cannot access shared files and folders or browse
>| > computers in
>| > the
>| > http://support.microsoft.com/?id=318030
>| >
>| > 2. Make sure the TCP/IP NetBIOS Helper service and the Server
>| > service and Workstation service are running on SBS, LAN and remote
>| > computer. You may check them through running Services.msc.
>| > 3. Check WINS:
>| >
>| > 1) Open WINS console in the SBS Administrative Tools.
>| > 2) Make sure that the service is started.
>| >
>| > 4. Check Computer Browser on SBS and remote network:
>| >
>| > 1) Open Services console in the SBS Administrative Tools.
>| > 2) In the right pane, make sure that the "Computer Browser"
>| > service is started and the startup type is "Automatic".
>| > 3) Check the same settings on all client computers and make
>| > sure that the "Computer Browser" service is stopped and the startup
>| > type is "Disabled".
>| >
>| > 5. Please disable ICF in your remote computer. To do so:
>| >
>| > 1) Click Start, and then click My Network Places.
>| > 2) Under Network Tasks, click View Network Connections.
>| > 3) Right-click the connection that you use for the Internet,
>| > and then click Properties.
>| > 4) Click the Advanced tab.
>| > 5) Click to clear the "Protect my computer and network by
>| > limiting or preventing access to this computer from the
>| > Internet" check box.
>| >
>| > For detailed information, please refer to the following KB
>| > article:
>| >
>| > 298804 Internet firewalls can prevent browsing and file
>| > sharing http://support.microsoft.com/?id=298804
>| >
>| > If the problem still occurs, please help me collect the following
>| > information:
>| >
>| > 1. Can you ping the SBS server by its NetBIOS name (ping
>| > servername)? 2. Can you ping the SBS server's internal IP
>| > address? 3. What happens if you run the following command on
>| > the remote client:
>| >
>| > net use Z: \\SBS_Server_Name\Shared_Folder_Name
>| >
>| > 4. Can you ping a LAN workstation using its NetBIOS name and IP
>| > address?
>| >
>| > ping workstation_name
>| > ping workstation_IP
>| >
>| > 5. How many network adapters did you install on the SBS server?
>| > 6. Can you describe the detailed network diagram for me and the
>| > detailed article you have followed in smallbizserver.net?
>| > 7. Please post an ipconfig/all result form SBS and remote
>| > computer when the VPN is created.
>| > 8. Is everything OK if you manually create a VPN connection to
>| > the SBS server? To do so, see:
>| >
>| > 314076 How to configure a connection to a virtual private
>| > network (VPN) in http://support.microsoft.com/?id=314076
>| >
>| > 305550 How to configure a VPN connection to your corporate
>| > network in
>| > Windows XP Professional
>| > http://support.microsoft.com/default.aspx?scid=kb;EN-US;305550
>| >
>| > More information:
>| >
>| > 323381 How to Allow Remote Users to Access Your Network in Windows
>| > Server 2003
>| > http://support.microsoft.com/?id=323381
>| >
>| > 323441 How To Install and Configure a Virtual Private Network
>| > Server in Windows
>| > http://support.microsoft.com/?id=323441
>| >
>| > I am appreciated your time and look forward to hearing from you.
>| >
>| > Best regards,
>| >
>| > Crina Li (MSFT)
>| >
>| > Microsoft CSS Online Newsgroup Support
>| >
>| > Get Secure! - www.microsoft.com/security
>| >
>| > =====================================================
>| > This newsgroup only focuses on SBS technical issues. If you have
>| > issues regarding other Microsoft products, you'd better post in the
>| > corresponding newsgroups so that they can be resolved in an
>| > efficient and timely manner. You can locate the newsgroup here:
>| > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>| >
>| > When opening a new thread via the web interface, we recommend you
>| > check the "Notify me of replies" box to receive e-mail
>| > notifications when there are any updates in your thread. When
>| > responding to posts via your newsreader, please "Reply to Group" so
>| > that others may learn and benefit from your issue.
>| >
>| > Microsoft engineers can only focus on one issue per thread.
>| > Although we provide other information for your reference, we
>| > recommend you post different incidents in different threads to keep
>| > the thread clean. In doing so, it will ensure your issues are
>| > resolved in a timely manner.
>| >
>| > For urgent issues, you may want to contact Microsoft CSS directly.
>| > Please check http://support.microsoft.com for regional support
>| > phone numbers.
>| >
>| > Any input or comments in this thread are highly appreciated.
>| >
>| > =====================================================
>| >
>| > This posting is provided "AS IS" with no warranties, and confers no
>| > rights. --------------------
>| >| Subject: VPN Connection Problems
>| >| From: Michael Rudnick <news@xxxxxxxxxxxxxxxxx>
>| >|| Newsgroups: microsoft.public.windows.server.sbs
>| >| Date: Fri, 06 Jan 2006 13:11:51 -0800
>| >| |
>| >| I'm having trouble with VPN on a SBS 2003 Premium server. ISA is
>| > installed
>| >| on the server.
>| >|
>| >| I have set up the network according the the notes in
>| >| smallbizserver.net.
>| > We
>| >| have a LAN (192.168.16.x) and WAN (192.168.0.x). There is a router
>| >| on the network as well. I have run the ICW and Remote Access
>| >| wizards. I am able
>| > to
>| >| obtain a connection but cannot ping anything on the network,
>| >| including
>| > the
>| >| server. I correctly obtain an IP address from the server.
>| >|
>| >| I compared this setup to another SBS server (at another location)
>| >| and
>| > can't
>| >| find any differences. Yet at the other location I can ping the
>| >| server and establish a Remote Desktop Connection to the server.
>| >|
>| >| I've combed through the settings in ISA and RRAS to see if there
>| >| is anything obvious and can't find anything. Any suggestions on
>| >| where to
>| > look?
>| >|
>| >| --
>| >| Michael Rudnick
>| >| news@xxxxxxxxxxxxxxxxx
>| >|
>| >
>| >
>|
>|
>
.
- Follow-Ups:
- RE: VPN Connection Problems
- From: "Crina Li"
- RE: VPN Connection Problems
- References:
- VPN Connection Problems
- From: Michael Rudnick
- RE: VPN Connection Problems
- From: "Crina Li"
- RE: VPN Connection Problems
- From: Michael Rudnick
- RE: VPN Connection Problems
- From: "Crina Li"
- VPN Connection Problems
- Prev by Date: Re: VoIP question
- Next by Date: Recipient Policy
- Previous by thread: RE: VPN Connection Problems
- Next by thread: RE: VPN Connection Problems
- Index(es):
Relevant Pages
|
