RE: SBS2k3 VPN Issue
- From: v-robeli@xxxxxxxxxxxxxxxxxxxx (Robert Li [MSFT])
- Date: Fri, 09 Feb 2007 12:37:07 GMT
Hi Joe,
Thanks for posting in our newsgroup.
From your description, I know that the remote users use VPN to connect toSBS network. Your SBS server has only one Nic. When the server assigns the
VPN clients to the same IP as the LAN, the clients can RDP either Server or
internal computer. When the server assigns the VPN clients the different IP
range, they can only RDP the server. If I am off-base, please don¡¯t
hesitate to let me know.
Please let me know the following to make the situation more clearly:
1. Do you have a router between the SBS server and the Internet?
Based on my research, if the VPN clients get the same range of IP as the
client in the LAN, in fact they are in the same subnet, they can
communication without routing, so the remote user can RDP the internal
clients.
If the VPN clients get different range of IP as the clients in LAN, they
are in two different subnets. Since the SBS Server has one NIC, it doesn¡¯t
support IP routing, which means the RRAS cannot route traffic from
different subnets. This is a by-design behavior.
To resolve the problem, you can do the following:
Add a new NIC on the SBS server. One connect to the Router, the other
connect the internal network. Then rerun the CEICW to configure network.
Configure the RRAS to assign the same range of IP to VPN clients.
For more information, please refer to:
825763 How to configure Internet access in Windows Small Business Server
2003
http://support.microsoft.com/?id=825763
If you need further assistance, please don¡¯t hesitate to let me know.
Best regards,
Robert Li(MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
<Thread-Topic: SBS2k3 VPN Issue
<thread-index: AcdLIpsiTDLH4C70Te+He0FlVlF/4Q==
<X-WBNR-Posting-Host: 151.203.242.33
<From: =?Utf-8?B?Sm9lIFdlbG5h?= <JoeWelna@xxxxxxxxxxxxxxxxxxxxxxxxx>
<Subject: SBS2k3 VPN Issue
<Date: Wed, 7 Feb 2007 17:44:00 -0800
<Lines: 27
<Message-ID: <31C8536F-E2A0-4D68-9582-65E647D380CA@xxxxxxxxxxxxx>
<MIME-Version: 1.0
<Content-Type: text/plain;
< charset="Utf-8"
<Content-Transfer-Encoding: 7bit
<X-Newsreader: Microsoft CDO for Windows 2000
<Content-Class: urn:content-classes:message
<Importance: normal
<Priority: normal
<X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2757
<Newsgroups: microsoft.public.windows.server.sbs
<Path: TK2MSFTNGHUB02.phx.gbl
<Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:15628
<NNTP-Posting-Host: tk2msftibfm01.phx.gbl 10.40.244.149
<X-Tomcat-NG: microsoft.public.windows.server.sbs
<
<I have a few SBS2k3 R2 Basic networks that are having VPN problems
connecting
<to clients. Essentially, I can't RDP into the clients unless RRAS assigns
IP
<addresses in the same subnet as the lan. I can RDP into the server without
<problems.
<
<Typically, I had been setting the lan to 192.168.16.x, with RRAS using the
<range 172.16.0.x. Under those crircumstances, I can see the server and can
<connect to it either by its name or the IP's 192.168.16.2 or 172.16.0.1. I
<can not connect to any workstation either by name or known IP. If I
<reconfigure RRAS to use the 192.168.16.x range, I can see the clients.
<
<I have always used the 172.16.x.x range for RRAS and can't fathom what
might
<be different on the SBS2k3 R2 networks. I checked an SBS2k3 SP1 network
for
<any differences in my RRAS setup and there were none that I could see.
<
<The only difference between the new SBS2k3 R2 setups and the previous
sites
<where it did work was that the working sites are SBS premium with 2 nics
<while the new sites are basic with one nic. Is ISA in premium translating
<between the internal and external nics, hence routing the request, or have
I
<missed something?
<
<I know I can put my VPN clients into the lan subnet, but I'm very curious
as
<to why this is no longer working.
<
<Thanks for any help.
<
<Joseph B. Welna
<
.
- Follow-Ups:
- RE: SBS2k3 VPN Issue
- From: Joe Welna
- RE: SBS2k3 VPN Issue
- Prev by Date: Need help on exchange server.
- Next by Date: Re: Need help on exchange server.
- Previous by thread: Need help on exchange server.
- Next by thread: RE: SBS2k3 VPN Issue
- Index(es):
Relevant Pages
|
