RE: SBS2k3 VPN Issue
- From: v-robeli@xxxxxxxxxxxxxxxxxxxx (Robert Li [MSFT])
- Date: Tue, 13 Feb 2007 12:06:29 GMT
Hi Joseph,
Thanks for updating.
Yes, the SBS Server has one NIC, it doesn't support IP routing, You can
either add another NIC or configure the RRAS to assign the same range of
IP to VPN clients to solved this problem.
If you need further assistance, please don't hesitate to let me know.
Best regards,
Robert Li(MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
<Thread-Topic: SBS2k3 VPN Issue
<thread-index: AcdMd1R8rzgftt/FShSt6fRZ6KV2oA==
<X-WBNR-Posting-Host: 151.203.242.33
<From: =?Utf-8?B?Sm9lIFdlbG5h?= <JoeWelna@xxxxxxxxxxxxxxxxxxxxxxxxx>
<References: <31C8536F-E2A0-4D68-9582-65E647D380CA@xxxxxxxxxxxxx>
<LTWdEcETHHA.2356@xxxxxxxxxxxxxxxxxxxxxx>
<Subject: RE: SBS2k3 VPN Issue
<Date: Fri, 9 Feb 2007 10:23:00 -0800
<Lines: 144
<Message-ID: <A499777B-98B5-4C47-997B-EFFEAF1FEAB7@xxxxxxxxxxxxx>
<MIME-Version: 1.0
<Content-Type: text/plain;
< charset="Utf-8"
<Content-Transfer-Encoding: 8bit
<X-Newsreader: Microsoft CDO for Windows 2000
<Content-Class: urn:content-classes:message
<Importance: normal
<Priority: normal
<X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2757
<Newsgroups: microsoft.public.windows.server.sbs
<Path: TK2MSFTNGHUB02.phx.gbl
<Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:16106
<NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
<X-Tomcat-NG: microsoft.public.windows.server.sbs
<
<I had a feeling that was it ... IP routing only works with more than one
nic.
<Thanks for your help.
<--
<Joseph B. Welna
<
<
<"Robert Li [MSFT]" wrote:
<
<> Hi Joe,
<>
<> Thanks for posting in our newsgroup.
<>
<> From your description, I know that the remote users use VPN to connect
to
<> SBS network. Your SBS server has only one Nic. When the server assigns
the
<> VPN clients to the same IP as the LAN, the clients can RDP either Server
or
<> internal computer. When the server assigns the VPN clients the different
IP
<> range, they can only RDP the server. If I am off-base, please don¡¯t
<> hesitate to let me know.
<>
<> Please let me know the following to make the situation more clearly:
<>
<> 1. Do you have a router between the SBS server and the Internet?
<>
<> Based on my research, if the VPN clients get the same range of IP as the
<> client in the LAN, in fact they are in the same subnet, they can
<> communication without routing, so the remote user can RDP the internal
<> clients.
<>
<> If the VPN clients get different range of IP as the clients in LAN, they
<> are in two different subnets. Since the SBS Server has one NIC, it
doesn¡¯t
<> support IP routing, which means the RRAS cannot route traffic from
<> different subnets. This is a by-design behavior.
<>
<> To resolve the problem, you can do the following:
<>
<> Add a new NIC on the SBS server. One connect to the Router, the other
<> connect the internal network. Then rerun the CEICW to configure network.
<> Configure the RRAS to assign the same range of IP to VPN clients.
<> For more information, please refer to:
<>
<> 825763 How to configure Internet access in Windows Small Business Server
<> 2003
<> http://support.microsoft.com/?id=825763
<>
<> If you need further assistance, please don¡¯t hesitate to let me know.
<>
<>
<> Best regards,
<>
<> Robert Li(MSFT)
<>
<> Microsoft CSS Online Newsgroup Support
<>
<> Get Secure! - www.microsoft.com/security
<>
<> =====================================================
<>
<> This newsgroup only focuses on SBS technical issues. If you have issues
<> regarding other Microsoft products, you'd better post in the
corresponding
<> newsgroups so that they can be resolved in an efficient and timely
manner.
<> You can locate the newsgroup here:
<> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
<>
<> When opening a new thread via the web interface, we recommend you check
the
<> "Notify me of replies" box to receive e-mail notifications when there
are
<> any updates in your thread. When responding to posts via your
newsreader,
<> please "Reply to Group" so that others may learn and benefit from your
<> issue.
<>
<> Microsoft engineers can only focus on one issue per thread. Although we
<> provide other information for your reference, we recommend you post
<> different incidents in different threads to keep the thread clean. In
doing
<> so, it will ensure your issues are resolved in a timely manner.
<>
<> For urgent issues, you may want to contact Microsoft CSS directly.
Please
<> check http://support.microsoft.com for regional support phone numbers.
<>
<> Any input or comments in this thread are highly appreciated.
<>
<> =====================================================
<>
<> This posting is provided "AS IS" with no warranties, and confers no
rights.
<>
<> --------------------
<> <Thread-Topic: SBS2k3 VPN Issue
<> <thread-index: AcdLIpsiTDLH4C70Te+He0FlVlF/4Q==
<> <X-WBNR-Posting-Host: 151.203.242.33
<> <From: =?Utf-8?B?Sm9lIFdlbG5h?= <JoeWelna@xxxxxxxxxxxxxxxxxxxxxxxxx>
<> <Subject: SBS2k3 VPN Issue
<> <Date: Wed, 7 Feb 2007 17:44:00 -0800
<> <Lines: 27
<> <Message-ID: <31C8536F-E2A0-4D68-9582-65E647D380CA@xxxxxxxxxxxxx>
<> <MIME-Version: 1.0
<> <Content-Type: text/plain;
<> < charset="Utf-8"
<> <Content-Transfer-Encoding: 7bit
<> <X-Newsreader: Microsoft CDO for Windows 2000
<> <Content-Class: urn:content-classes:message
<> <Importance: normal
<> <Priority: normal
<> <X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2757
<> <Newsgroups: microsoft.public.windows.server.sbs
<> <Path: TK2MSFTNGHUB02.phx.gbl
<> <Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:15628
<> <NNTP-Posting-Host: tk2msftibfm01.phx.gbl 10.40.244.149
<> <X-Tomcat-NG: microsoft.public.windows.server.sbs
<> <
<> <I have a few SBS2k3 R2 Basic networks that are having VPN problems
<> connecting
<> <to clients. Essentially, I can't RDP into the clients unless RRAS
assigns
<> IP
<> <addresses in the same subnet as the lan. I can RDP into the server
without
<> <problems.
<> <
<> <Typically, I had been setting the lan to 192.168.16.x, with RRAS using
the
<> <range 172.16.0.x. Under those crircumstances, I can see the server and
can
<> <connect to it either by its name or the IP's 192.168.16.2 or
172.16.0.1. I
<> <can not connect to any workstation either by name or known IP. If I
<> <reconfigure RRAS to use the 192.168.16.x range, I can see the clients.
<> <
<> <I have always used the 172.16.x.x range for RRAS and can't fathom what
<> might
<> <be different on the SBS2k3 R2 networks. I checked an SBS2k3 SP1 network
<> for
<> <any differences in my RRAS setup and there were none that I could see.
<> <
<> <The only difference between the new SBS2k3 R2 setups and the previous
<> sites
<> <where it did work was that the working sites are SBS premium with 2
nics
<> <while the new sites are basic with one nic. Is ISA in premium
translating
<> <between the internal and external nics, hence routing the request, or
have
<> I
<> <missed something?
<> <
<> <I know I can put my VPN clients into the lan subnet, but I'm very
curious
<> as
<> <to why this is no longer working.
<> <
<> <Thanks for any help.
<> <
<> <Joseph B. Welna
<> <
<>
<>
<
.
- References:
- RE: SBS2k3 VPN Issue
- From: Robert Li [MSFT]
- RE: SBS2k3 VPN Issue
- From: Joe Welna
- RE: SBS2k3 VPN Issue
- Prev by Date: Re: IIS logs for Exchange/OMA Access
- Next by Date: Re: SBS 2003 Std .....may want to install full SQL
- Previous by thread: RE: SBS2k3 VPN Issue
- Next by thread: Unknown Alerts on SBS 2003
- Index(es):
Relevant Pages
|
