Re: VPN file access
- From: gjoneshtfc@xxxxxxxxxxxxxxx
- Date: 7 Jul 2006 03:41:59 -0700
Crina,
I cannot run CEICW... it doesnt exist. Also, i have two network cars,
internal and external. The external has IP 10.0.0.2, the vigor 2600
router has 10.0.0.1. When i currently connect to the VPN i get an IP of
10.0.0.202 which is set by the router VPN configuration i think. I can
then ping the ip address of the server and router but cannot ping the
server name (sbs01) or FQDN name (sbs01.company.local). When i type in
the server ip address in IE i can connect to the exchange server.
The way i originally configured the SBS was to run ICW to enable VPN
(PPTP). I then ran the routing and remote access wizard to setup the
VPN. At this moment, i cannot access the https://publicFQDN/remote
page... it comes up as page cannot be displayed.
Any more ideas?
Thanks for your help so far, Gareth
"Crina Li" wrote:
Hi Gareth,
Thanks for your update.
To narrow down the problem, would you please help me confirm how you
configure VPN from remote client to SBS? Does the situation occur if you
follow the steps:
Configure VPN access on an SBS environment:
1. Run CEICW, follow the wizard and select Enable firewall and then make
sure Virtual Private Networking (VPN) is selected in the Services
Configuration page. And make sure you have typed the public FQDN of the SBS
server on the Web Server Certificate page.
2. Run Remote Access Wizard in Server Management\Internet and
E-mail\Configure Remote Access, and select VPN access in the Remote Access
Method page. After finishing this wizard, RRAS is configured to allow
inbound VPN access, and it can assign IP addresses to the VPN clients by
using DHCP.
Note: When we run the remote access wizard to set up the VPN service, we
need to input the public IP address or the public FQDN of the SBS server.
We need to make sure that the address can be accessed from the internet.
3. On the VPN client, go to https://publicFQDN/remote, clear I'm using a
public or shared computer, log in and download Connection Manager.
4. Install Connection Manager on the VPN client.
5. Is there a hardware router installed in front of the SBS server? If so,
ensure that the port forwarding for TCP 1723 and GRE port (protocol number
47) are opened. PPTP VPN is negotiating a connection on TCP port 1723 and
send data to and from the PPTP server using the GRE protocol (IP Protocol
47, 0x2F if you are looking in Network Monitor). You should open port 1723
on the router and also make sure IP Protocol 47 is allowed.
Thanks for your time and I look forward to hearing from you.
Best regards,
Crina Li (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: gjoneshtfc@xxxxxxxxxxxxxxx
| Newsgroups: microsoft.public.windows.server.sbs
| Subject: Re: VPN file access
| Date: 7 Jul 2006 02:09:17 -0700
| Organization: http://groups.google.com
| Lines: 24
| Message-ID: <1152263356.943416.175110@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
| References: <1152005677.573065.156690@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
| <1152008810.892708.232700@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
| <wGsfEV#nGHA.2028@xxxxxxxxxxxxxxxxxxxxx>
| NNTP-Posting-Host: 84.92.212.18
| Mime-Version: 1.0
| Content-Type: text/plain; charset="iso-8859-1"
| X-Trace: posting.google.com 1152263361 2332 127.0.0.1 (7 Jul 2006
09:09:21 GMT)
| X-Complaints-To: groups-abuse@xxxxxxxxxx
| NNTP-Posting-Date: Fri, 7 Jul 2006 09:09:21 +0000 (UTC)
| In-Reply-To: <wGsfEV#nGHA.2028@xxxxxxxxxxxxxxxxxxxxx>
| User-Agent: G2/0.2
| X-HTTP-UserAgent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;
.NET CLR 1.1.4322),gzip(gfe),gzip(gfe)
| Complaints-To: groups-abuse@xxxxxxxxxx
| Injection-Info: 75g2000cwc.googlegroups.com; posting-host=84.92.212.18;
| posting-account=ieKf7w0AAACFm4C7EiQ_y4pO8YXH2gn7
| Path:
TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTFEEDS01.phx.gbl!newsfeed00
.sul.t-online.de!t-online.de!border2.nntp.dca.giganews.com!border1.nntp.dca.
giganews.com!nntp.giganews.com!postnews.google.com!75g2000cwc.googlegroups.c
om!not-for-mail
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:279706
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Crina,
|
| Thanks for the reply. I followed your instructions up to the point
| where you ask me to do an ipconfig /all. Here are my results:
|
| Connection-specific DNS Suffix . :
| Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
| Physical Address. . . . . . . . . : 00-53-45-00-00-00
| Dhcp Enabled. . . . . . . . . . . : No
| IP Address. . . . . . . . . . . . : 10.0.0.202
| Subnet Mask . . . . . . . . . . . : 255.255.255.255
| Default Gateway . . . . . . . . . :
| DNS Servers . . . . . . . . . . . : 212.69.226.3
| 212.69.226.4
|
| This has helped me to identify the problem as DNS (i hope) as the DNS
| server should be the local server on the network (10.0.0.2). My problem
| now is that i am unsure as to how to change this. Do I just change the
| DNS in the server network card properties? If so will that stop the
| internet from working from within the network?
|
| Thanks again,
| Gareth
|
|
.
- Follow-Ups:
- Re: VPN file access
- From: "Crina Li"
- Re: VPN file access
- References:
- VPN file access
- From: gjoneshtfc
- Re: VPN file access
- From: gjoneshtfc
- Re: VPN file access
- From: "Crina Li"
- VPN file access
- Prev by Date: RE: help!!! network connection dying
- Next by Date: RE: CEICW-OMA errors
- Previous by thread: Re: VPN file access
- Next by thread: Re: VPN file access
- Index(es):
Relevant Pages
|
Loading
