RE: SBS VPN connects but no shares..
- From: v-terliu@xxxxxxxxxxxxxxxxxxxx (Terence Liu [MSFT])
- Date: Wed, 15 Nov 2006 07:22:18 GMT
Hello Rrafiringa,
Thank you for posting here.
According to your description, I understand that the VPN clients can
dial-up and authenticate, but they can't access any resource
on SBS 2003 server. If I have misunderstood the problem, please don't
hesitate to let me know.
Based on my research, this problem occurs mostly because of a change in
Windows Server 2003 SP1. Windows Server 2003 SP1 enables the
BootTimeSecurity registry entry. Therefore, after you install Windows
Server 2003 SP1, the Windows Server 2003 Ipnat.sys driver drops VPN packets
that it receives.
You can find more information about it in:
VPN clients can no longer access internal resources after you install
Windows Server 2003 Service Pack 1 on a computer that is running ISA Server
2000
http://support.microsoft.com/kb/897651/en-us
I suggest that we try the following steps to see if the problem can be
resolved:
Step 1: Contact the PSS to obtain the hotfix 897651 (the link above) and
apply the hotfix on the SBS Server.
(You must restart the computer after you apply this hotfix.)
Step 2: After you install this hotfix, you must set the value for the
following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IpNat\Parameters
You must set this value as follows:
Value name: DisableBootTimeSecurity
Value type: REG_DWORD
Value data: 1
After these 2 steps, if VPN clients can't access Internet, I suggest we try
to manually create a VPN connection on the remote client through the
following KB article:
How to configure a VPN connection to your corporate network in Windows XP
Professional
http://support.microsoft.com/?id=305550
Then we can try following steps:
Not using the remote gateway on the client, to do so:
On the remote client
1). Double-click My Computer, and then click the Network and Dial-up
Connections link.
2). Right-click the VPN connection that you want to change, and then click
Properties.
3). Click the Networking tab, click Internet Protocol (TCP/IP) in the
'Components checked are used by this connection' list, and then click
Properties.
4). Click Advanced, and then click to clear the Use default gateway on
remote network check box.
If the issue persists, please kindly help me collect some information for
further investigation:
1. Does the problem occur on all remote clients?
2. Can internal clients access share folders on SBS server and Internet?
3. What changes did you made to the SBS Server when the error occurred?
4. Can VPN clients ping SBS internal interface IP after VPN connection is
established? Can they ping the internal clients?
Hope this helps.
Thanks and have a nice day!
Best regards,
Terence Liu(MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: "voske74" <addevos@xxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| Subject: SBS VPN connects but no shares..
| Date: 14 Nov 2006 12:45:26 -0800
| Organization: http://groups.google.com
| Lines: 113
| Message-ID: <1163537125.941708.247130@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
| NNTP-Posting-Host: 82.170.254.9
| Mime-Version: 1.0
| Content-Type: text/plain; charset="iso-8859-1"
| X-Trace: posting.google.com 1163537131 5380 127.0.0.1 (14 Nov 2006
20:45:31 GMT)
| X-Complaints-To: groups-abuse@xxxxxxxxxx
| NNTP-Posting-Date: Tue, 14 Nov 2006 20:45:31 +0000 (UTC)
| User-Agent: G2/1.0
| X-HTTP-UserAgent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;
InfoPath.1; .NET CLR 1.1.4322),gzip(gfe),gzip(gfe)
| Complaints-To: groups-abuse@xxxxxxxxxx
| Injection-Info: h54g2000cwb.googlegroups.com; posting-host=82.170.254.9;
| posting-account=L5YXWg0AAABsE3fR7sRnSNYAXv-voJOH
| Path:
TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTFEEDS02.phx.gbl!msrtrans!m
srn-in!newshub.sdsu.edu!postnews.google.com!h54g2000cwb.googlegroups.com!not
-for-mail
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:312640
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Hi I had a working VPN solution on my sbs 2003 SP1 premium (with isa
| 2000) server. I could get a connection from a client and use the
| shares. But since a few days i cannot connect any share on the server
| even when VPN connected.. I reran rras and cceiw but no result.
| I also tried several solutions i saw on different forums and
| newsgroups, but no result. Could anybody help me please...
|
| Here a screendump of the ipconfig of the server (dutch):
|
| Windows IP-configuratie
|
| Hostnaam . . . . . . . . . . . . : raamd1
| Primair DNS-achtervoegsel. . . . .: RAAMD1.local
| Knooppunttype: . . . . . . . . . .: onbekend
| IP-routering ingeschakeld. . . . .: ja
| WINS-proxy ingeschakeld . . . . . : ja
| DNS-achtervoegselzoeklijst. . . . : RAAMD1.local
|
| Ethernet-adapter Lokale netwerkverbinding van server: (local adapter)
|
| Verbindingsspec. DNS-achtervoegsel:
| Beschrijving . . . . . . . . . . .: HP NC7761 Gigabit Server Adapter
| Fysiek adres. . . . . . . . . . . : 00-13-21-AE-0E-3B
| DHCP ingeschakeld:. . . . . . . . : nee
| IP-adres. . . . . . . . . . . . . : 192.168.16.2
| Subnetmasker. . . . . . . . . . . : 255.255.255.0
| Standaard-gateway . . . . . . . . :
| DNS-servers . . . . . . . . . . . : 192.168.16.2
| Primaire WINS-server. . . . . . . : 192.168.16.2
|
| Ethernet-adapter Netwerkverbinding: (external adapter)
|
| Verbindingsspec. DNS-achtervoegsel:
| Beschrijving . . . . . . . . . . .: HP NC1020 ProLiant Gigabit
| Server Adapter
| 32 PCI
| Fysiek adres. . . . . . . . . . . : 00-18-71-4D-65-80
| DHCP ingeschakeld:. . . . . . . . : nee
| IP-adres. . . . . . . . . . . . . : 192.168.1.3
| Subnetmasker. . . . . . . . . . . : 255.255.255.0
| Standaard-gateway . . . . . . . . : 192.168.1.4
| DNS-servers . . . . . . . . . . . : 192.168.16.2
| Primaire WINS-server. . . . . . . : 192.168.16.2
| NetBIOS over TCPIP. . . . . . . . : uitgeschakeld
|
| PPP-adapter RAS-serverinterface (inbellen):
|
| Verbindingsspec. DNS-achtervoegsel:
| Beschrijving . . . . . . . . . . .: WAN (PPP/SLIP) Interface
| Fysiek adres. . . . . . . . . . . : 00-53-45-00-00-00
| DHCP ingeschakeld:. . . . . . . . : nee
| IP-adres. . . . . . . . . . . . . : 192.168.16.24
| Subnetmasker. . . . . . . . . . . : 255.255.255.255
| Standaard-gateway . . . . . . . . :
| NetBIOS over TCPIP. . . . . . . . : uitgeschakeld
|
| Here a screendump of the ipconfig of the client when connected:
|
| Windows IP Configuration
|
| Host Name . . . . . . . . . . . . : laptop
| Primary Dns Suffix . . . . . . . :
| Node Type . . . . . . . . . . . . : Hybrid
| IP Routing Enabled. . . . . . . . : No
| WINS Proxy Enabled. . . . . . . . : No
|
| Ethernet adapter Local Area Connection:
|
| Media State . . . . . . . . . . . : Media disconnected
| Description . . . . . . . . . . . : Realtek RTL8139 Family PCI
| Fast Ethe
| rnet NIC
| Physical Address. . . . . . . . . : 00-08-02-D8-C6-6B
|
| Ethernet adapter Wireless Network Connection:
|
| Connection-specific DNS Suffix . :
| Description . . . . . . . . . . . : NETGEAR WG111v2 54Mbps
| Wireless USB
| 2.0 Adapter
| Physical Address. . . . . . . . . : 00-0F-B5-C5-BF-4A
| Dhcp Enabled. . . . . . . . . . . : Yes
| Autoconfiguration Enabled . . . . : Yes
| IP Address. . . . . . . . . . . . : 192.168.1.36
| Subnet Mask . . . . . . . . . . . : 255.255.255.0
| Default Gateway . . . . . . . . . : 192.168.1.254
| DHCP Server . . . . . . . . . . . : 192.168.1.254
| DNS Servers . . . . . . . . . . . : 192.168.1.254
| Lease Obtained. . . . . . . . . . : dinsdag 14 november 2006
| 19:59:04
| Lease Expires . . . . . . . . . . : vrijdag 17 november 2006
| 19:59:04
|
| PPP adapter connection:
|
| Connection-specific DNS Suffix . :
| Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
| Physical Address. . . . . . . . . : 00-53-45-00-00-00
| Dhcp Enabled. . . . . . . . . . . : No
| IP Address. . . . . . . . . . . . : 192.168.16.20
| Subnet Mask . . . . . . . . . . . : 255.255.255.255
| Default Gateway . . . . . . . . . : 192.168.16.20
| DNS Servers . . . . . . . . . . . : 192.168.16.2
| Primary WINS Server . . . . . . . : 192.168.16.2
|
|
| Your help is greatly appreciated.
|
| o yes, Internet is also not working when connected with vpn..
|
| Thank you
| Ad
|
|
.
- Follow-Ups:
- Re: SBS VPN connects but no shares..
- From: voske74
- Re: SBS VPN connects but no shares..
- References:
- SBS VPN connects but no shares..
- From: voske74
- SBS VPN connects but no shares..
- Prev by Date: RE: linking public contacts to Sharepoint
- Next by Date: RE: SBS 2003- Outlook fax
- Previous by thread: SBS VPN connects but no shares..
- Next by thread: Re: SBS VPN connects but no shares..
- Index(es):
Relevant Pages
|
