RE: Can not access network resources via VPN connection
- From: v-terliu@xxxxxxxxxxxxxxxxxxxx (Terence Liu [MSFT])
- Date: Wed, 20 Jun 2007 08:30:31 GMT
Hello Frank,
Thank you for posting here.
According to your description, I understand that you can not access the
share folder via the VPN connection. If I have misunderstood the problem,
please don't hesitate to let me know.
First, the ipconfig /all outcome on VPN client is wrong (same as server
side), please post it again.
I'd like confirm the steps you establish the VPN, I recommend you perform
the following steps to setup VPN connection:
1. Configure firewall
The firewall must be able to pass Generic Route Encapsulation (GRE)
protocol 47 and TCP 1723 port for PPTP traffic to connect correctly to use
VPN. When a cable/DSL router/firewall cannot map GRE protocol 47 and TCP
1723 port to the Routing and Remote Access server, you cannot connect to
the server from the Internet. Therefore, please confirm that you have
forward TCP 1723 and GRE 47 to SBS. For more info and detail steps, please
contact your firewall vendor for help.
2. Run CEICW on SBS
You have to rerun the CEICW to make sure your SBS 2003 server have right
network configuration. Go through the follow KB and Rerun CEICW again
carefully.
How to configure Internet access in Windows Small Business Server 2003
http://support.microsoft.com/kb/825763/en-us
Detailed steps for your reference:
a. On the SBS 2003 Server open the Server Management console. Go to
Standard Management\To Do List.
b. Click the "Connect to the Internet" link.
c. When navigating to the Firewall page, select "Enable firewall" and click
Next.
d. On the "Services Configuration" page, select all the items and then
click Next.
e. On the "Web Services Configuration" page, make sure "Allow access to the
entire Web site from the Internet" is selected. If you select "Allow access
to only the following Web site services from the Internet", make sure all
item in the list are selected. Click Next.
f. On the "Web Server Certificate" page, choose to create a new Web server
certificate and then type the public FQDN (your public DNS name) that you
will use to access OWA and RWW (for example, if your public FQDN that you
use to access the sites is www.xyz.com, you should type www.xyz.com as the
new certificate name).
g. Go through the remaining steps.
3. Run Remote Access wizard
a) On the Small Business Server 2003-based server, click To Do List in the
left pane of the Server Management console.
b) Under Network Tasks, click Configure Remote Access.
c) Click Next, click Enable Remote Access, click to select the VPN Access
check box, and then click Next.
d) Type the fully qualified public domain name (public DNS name) of your
server, click Next, and then click Finish.
e) When the wizard is completed, click Close.
4. Then you can access RWW to download Connection Manager or copy the file
from SBS server c:\ ClientApps\Connection Manager\SBSPackage.exe. Please
save the sbspackage.exe file in client computer or everyone's USB flash
drive. When they out of office, they can double-click SBSPackage.exe to run
it. After this file run the "connect to small business server" will be
created and you can use it to connect VPN to your SBS server.
If we can not resolve the issue after we perform the above steps, please
kindly help me collect some information for further investigation:
1. Please try to access the share folder via IP address, does the issue
happen again?
2. Please try to ping the internal client via the VPN, does it success?
3. Please try to ping the IP 192.168.0.4, does it success?
4. Do you get any error when you access the share folders? Please capture
screenshots on the error messages and send the pictures to me at
v-terliu@xxxxxxxxxxxxx
5. Please try to change another ISP on remote client side, and change to
use another computer to establish the VPN connection, does this issue can
be reproduced?
6. Test the VPN connection from inside of the SBS network, will the problem
be reproduced?
Note: This test will bypass the DSL router.
Manually create a VPN connection on the internal client through the
following KB article:
How to configure a VPN connection to your corporate network in Windows XP
Professional
http://support.microsoft.com/?id=305550
Note: The VPN server IP is the internal IP address of the SBS Server
Hope these steps will give you some help.
Thanks and have a nice day!
Best regards,
Terence Liu(MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: Can not access network resources via VPN connection
| thread-index: Aceyzh45pNPpkXaTQsurE9bGvUK0rw==
| X-WBNR-Posting-Host: 207.46.193.207
| From: =?Utf-8?B?RnJhbmsgS25pcHBlbmJlcmc=?= <Frank
Knippenberg@xxxxxxxxxxxxxxxxxxxxxxxxx>
| Subject: Can not access network resources via VPN connection
| Date: Tue, 19 Jun 2007 17:01:14 -0700
| Lines: 165
| Message-ID: <D66A7AEA-26AB-40B6-ABB3-99527006B7E3@xxxxxxxxxxxxx>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2826
| Newsgroups: microsoft.public.windows.server.sbs
| Path: TK2MSFTNGHUB02.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:44988
| NNTP-Posting-Host: tk2msftibfm01.phx.gbl 10.40.244.149
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| I can not access my network resources such as shares via the VPN
connection I
| have created.
|
| I am running SBS 2003 without ISA
| I have checked permisions of shares and that does not seem to be the
issue.
| Below are the ipconfig's and the routing table.
|
| Hopefully this is enough info to solve this problem.
|
| Thanks
|
| Below is the ipconfig /all run from the server with the VPN connection
| established.
|
| Microsoft Windows [Version 5.2.3790]
| (C) Copyright 1985-2003 Microsoft Corp.
|
| C:\Documents and Settings\Administrator>ipconfig /all
|
| Windows IP Configuration
|
| Host Name . . . . . . . . . . . . : KMK-SBSSRV
| Primary Dns Suffix . . . . . . . : kmklandscapes.local
| Node Type . . . . . . . . . . . . : Unknown
| IP Routing Enabled. . . . . . . . : Yes
| WINS Proxy Enabled. . . . . . . . : Yes
| DNS Suffix Search List. . . . . . : kmklandscapes.local
|
| PPP adapter RAS Server (Dial In) Interface:
|
| Connection-specific DNS Suffix . :
| Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
| Physical Address. . . . . . . . . : 00-53-45-00-00-00
| DHCP Enabled. . . . . . . . . . . : No
| IP Address. . . . . . . . . . . . : 192.168.0.22
| Subnet Mask . . . . . . . . . . . : 255.255.255.255
| Default Gateway . . . . . . . . . :
| NetBIOS over Tcpip. . . . . . . . : Disabled
|
| Ethernet adapter Server Local Area Connection:
|
| Connection-specific DNS Suffix . :
| Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
| Physical Address. . . . . . . . . : 00-18-8B-FC-EE-10
| DHCP Enabled. . . . . . . . . . . : No
| IP Address. . . . . . . . . . . . : 192.168.0.4
| Subnet Mask . . . . . . . . . . . : 255.255.255.0
| Default Gateway . . . . . . . . . :
| DNS Servers . . . . . . . . . . . : 192.168.0.4
| Primary WINS Server . . . . . . . : 192.168.0.4
| NetBIOS over Tcpip. . . . . . . . : Disabled
|
| Ethernet adapter Local Area Connection:
|
| Connection-specific DNS Suffix . :
| Description . . . . . . . . . . . : Linksys EG1032 v3 Instant Gigabit
| Desktop
| Network Adapter Driver
| Physical Address. . . . . . . . . : 00-18-F8-0D-89-1B
| DHCP Enabled. . . . . . . . . . . : No
| IP Address. . . . . . . . . . . . : 74.94.167.209
| Subnet Mask . . . . . . . . . . . : 255.255.255.0
| Default Gateway . . . . . . . . . : 74.94.167.210
| DNS Servers . . . . . . . . . . . : 192.168.0.4
| Primary WINS Server . . . . . . . : 192.168.0.4
| NetBIOS over Tcpip. . . . . . . . : Disabled
|
| Below is the ipconfig /all of the Client computer with VPN established
|
| Microsoft Windows [Version 5.2.3790]
| (C) Copyright 1985-2003 Microsoft Corp.
|
| C:\Documents and Settings\Administrator>ipconfig /all
|
| Windows IP Configuration
|
| Host Name . . . . . . . . . . . . : KMK-SBSSRV
| Primary Dns Suffix . . . . . . . : kmklandscapes.local
| Node Type . . . . . . . . . . . . : Unknown
| IP Routing Enabled. . . . . . . . : Yes
| WINS Proxy Enabled. . . . . . . . : Yes
| DNS Suffix Search List. . . . . . : kmklandscapes.local
|
| PPP adapter RAS Server (Dial In) Interface:
|
| Connection-specific DNS Suffix . :
| Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
| Physical Address. . . . . . . . . : 00-53-45-00-00-00
| DHCP Enabled. . . . . . . . . . . : No
| IP Address. . . . . . . . . . . . : 192.168.0.22
| Subnet Mask . . . . . . . . . . . : 255.255.255.255
| Default Gateway . . . . . . . . . :
| NetBIOS over Tcpip. . . . . . . . : Disabled
|
| Ethernet adapter Server Local Area Connection:
|
| Connection-specific DNS Suffix . :
| Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
| Physical Address. . . . . . . . . : 00-18-8B-FC-EE-10
| DHCP Enabled. . . . . . . . . . . : No
| IP Address. . . . . . . . . . . . : 192.168.0.4
| Subnet Mask . . . . . . . . . . . : 255.255.255.0
| Default Gateway . . . . . . . . . :
| DNS Servers . . . . . . . . . . . : 192.168.0.4
| Primary WINS Server . . . . . . . : 192.168.0.4
| NetBIOS over Tcpip. . . . . . . . : Disabled
|
| Ethernet adapter Local Area Connection:
|
| Connection-specific DNS Suffix . :
| Description . . . . . . . . . . . : Linksys EG1032 v3 Instant Gigabit
| Desktop
| Network Adapter Driver
| Physical Address. . . . . . . . . : 00-18-F8-0D-89-1B
| DHCP Enabled. . . . . . . . . . . : No
| IP Address. . . . . . . . . . . . : 74.94.167.209
| Subnet Mask . . . . . . . . . . . : 255.255.255.0
| Default Gateway . . . . . . . . . : 74.94.167.210
| DNS Servers . . . . . . . . . . . : 192.168.0.4
| Primary WINS Server . . . . . . . : 192.168.0.4
| NetBIOS over Tcpip. . . . . . . . : Disabled
|
| Below is the routing table
|
| Microsoft Windows XP [Version 5.1.2600]
| (C) Copyright 1985-2001 Microsoft Corp.
|
| C:\Documents and Settings\Owner>route print
|
===========================================================================
| Interface List
| 0x1 ........................... MS TCP Loopback interface
| 0x2 ...00 07 e9 dc c1 20 ...... Intel(R) PRO/100 VE Network Connection -
| Packet
| Scheduler Miniport
| 0x10004 ...00 18 f8 a5 6c b8 ...... Compact Wireless-G USB Adapter #2 -
| Packet S
| cheduler Miniport
| 0x1a0005 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
|
===========================================================================
|
===========================================================================
| Active Routes:
| Network Destination Netmask Gateway Interface
Metric
| 0.0.0.0 0.0.0.0 10.10.0.1 10.10.0.100
26
| 0.0.0.0 0.0.0.0 192.168.0.16 192.168.0.16
1
| 10.10.0.0 255.255.255.0 10.10.0.100 10.10.0.100
25
| 10.10.0.100 255.255.255.255 127.0.0.1 127.0.0.1
25
| 10.255.255.255 255.255.255.255 10.10.0.100 10.10.0.100
25
| 74.94.167.209 255.255.255.255 10.10.0.1 10.10.0.100
25
| 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
1
| 192.168.0.0 255.255.255.0 192.168.0.16 192.168.0.16
1
| 192.168.0.16 255.255.255.255 127.0.0.1 127.0.0.1
50
| 192.168.0.255 255.255.255.255 192.168.0.16 192.168.0.16
50
| 224.0.0.0 240.0.0.0 10.10.0.100 10.10.0.100
25
| 224.0.0.0 240.0.0.0 192.168.0.16 192.168.0.16
1
| 255.255.255.255 255.255.255.255 10.10.0.100 10.10.0.100
1
| 255.255.255.255 255.255.255.255 192.168.0.16 192.168.0.16
1
| 255.255.255.255 255.255.255.255 192.168.0.16 2
1
| Default Gateway: 192.168.0.16
|
===========================================================================
| Persistent Routes:
| None
|
| C:\Documents and Settings\Owner>
|
|
|
.
- Follow-Ups:
- RE: Can not access network resources via VPN connection
- From: Frank Knippenberg
- RE: Can not access network resources via VPN connection
- References:
- Can not access network resources via VPN connection
- From: Frank Knippenberg
- Can not access network resources via VPN connection
- Prev by Date: SBS2003, Mobile 5 and multiple certificates
- Next by Date: Re: Publishing a web server on port 85 behind ISA 2004
- Previous by thread: Can not access network resources via VPN connection
- Next by thread: RE: Can not access network resources via VPN connection
- Index(es):
Relevant Pages
|
