Re: VPN clients unable to connect to other resources.

Is the home network using the same subnet (192.168.2.x)? That could cause problems.

Next time I'm at my home PC, I'll VPN in and see what IP info I'm getting from the DHCP server on the SBS. I sort of doubt DHCP as a cause, but it'll only take a second to check.

You're not missing the concept - if you can connect to \\john\share from a client PC on your LAN, you should be able to do so from a remote VPN client, including ones that do not belong to the SBS domains. You might get some extra password prompts, but that's it (and you can often avoid those by creating a user on the home PC with username and password matching those on the SBS).

"J Smith" <JSmith@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:C4517E44-2244-4299-8626-38D669025789@xxxxxxxxxxxxxxxx
Hi Dave,

After I connect to the VPN on the SBS 2003 machine I'm unable to log onto
another resource on another machine. If I go to start, run, \\john\share I
get the network path was not found. Like the share doesn't exist. All shares
and network settings work on the LAN. We only have this problem with VPN
clients. The XP clients are not part of the domain either. They are strickly
home PC's. I'm wanting to use the VPN client to simply join them to our
network and browse and use the network resources as they were in the LAN.
I'm not missing the concept of how this functions am I? I understand that the
VPN server, remote routing and access running on the SBS 2003 server manages
the connections and allows the connection to come in and connect. I'm getting
this far but it stops there. It's like the remote connections are not updated
with the VPN route table or VPN LAN network information.

Once the connection is successful I am able to go to Start, Run,
\\192.168.2.25 and open all the shares on the server. I'm wanting to be able
to do this with other PC's on the same LAN and this is what is not working.
Also once connected I'm not able to use the PC name to connect either. WINS
and DNS are configured and hardset on the VPN client side as well for
192.168.2.25.

Again thanks for your help and time.

"Dave Nickason [SBS MVP]" wrote:

After you connect the VPN to the SBS as expected, can you please describe
what you're trying to do that's failing, and how you're trying to do it?
Please post back what's failing, and the specific error message (if there is
one).

For example, if you have a share on a desktop PC that you're trying to
access, what happens if on the remote client, you go to Start -> Run and
type in \\hostname\sharename? And if that fails, what happens when you try
to do it from another machine on the SBS LAN?

I wouldn't worry about ping except in the absence of the ability to actually
connect. For example, your SonicWall is probably configured to ignore
pings. I would start by seeing if you can connect to a resource from
within the LAN, and if not, look at the firewall settings and the remote
access permissions on that machine. Besides networking, which appears to be
working properly, you could be running up against the local machine's
firewall settings, NTFS permissions, etc.

One thing to check - if you're having trouble connecting to an XP box, go to
CP -> Windows Firewall and make sure it's set to use the domain settings
(it'll tell at the bottom of the first page in the firewall properties). If
it's set to non-domain, set the Network Location Awareness service to
automatic startup, and either reboot or do a gpupdate /force. In the
non-domain configuration, remote access is blocked, and so is ping.


"J Smith" <JSmith@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:D8F9B880-7B16-49F0-9A73-1EF4D0A395C5@xxxxxxxxxxxxxxxx
> The XP Pro clients are connecting to the SBS 2003 server. I did use the
> wizard to setup remote access. The clients connect to the server and > can
> access the server shares and so forth. The IP of clients when they
> connect
> is 192.168.2.XXX matches the subnet of the 2003 server. I find it > strange
> that the IP and Gateway match the on the network IP given by the DHCP
> server.
> I need the VPN because we have a sonicwall device that will backup > client
> laptops on the network via VPN access. I can't ping the sonicwall > device
> nor
> the gateway. I need the VPN to work for the device to pick-up the CDP
> data
> protection for the remote clients this rules out the RWW.
>
> "Dave Nickason [SBS MVP]" wrote:
>
>> Are you using the SBS as the VPN end point? If your SBS and your >> local
>> client PCs are on 192.168.2.x, your remote clients should be getting >> an
>> IP
>> address from the DHCP server on the SBS that's in the 192.168.2.x >> subnet.
>>
>> If you haven't already, I'd go to the Server Mgmt Console, Internet >> page,
>> and run the Configure Remote Access wizard. Not sure that'll fix >> this,
>> but
>> it's a start.
>>
>> Do you need VPN for some reason? If not, why not use RWW instead?
>>
>>
>> "J Smith" <JSmith@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:9606D119-6C75-4A7C-B5F2-FCF5ABBC1E75@xxxxxxxxxxxxxxxx
>> > XP Client machines that can successfully connect to the SBS 2003 >> > server
>> > via
>> > VPN cannot access other shares or network resources outside of the >> > SBS
>> > 2003
>> > server. After connecting to the VPN server the IP assigned from the
>> > server
>> > matches the gateway on the DHCP assigned address from the server.
>> >
>> > IP 192.168.2.57
>> > Gateway 192.168.2.57
>> >
>> > I can ping and connect to the server 192.168.2.25 but I can not ping
>> > the
>> > true gateway 192.168.2.1 nor ping any other machine on the subnet. >> > The
>> > IP
>> > scheme of the XP Client machines are 192.168.1.XXX so I'm pretty >> > sure
>> > this
>> > is
>> > not an issue. I think there is a route problem or misconfiguration >> > on
>> > the
>> > VPN
>> > server. I'm wanting to be able to let the XP client access other >> > shares
>> > on
>> > a
>> > couple different locations 192.168.2.250 and 192.168.2.225. Thanks >> > for
>> > your
>> > feedback and assistance.
>> >
>> > J Smith
>>


.

Relevant Pages

  • Re: [Full-disclosure] Remote Desktop Command Fixation Attacks
    ... This set of steps is redundant in many places, and it's also enormously expensive, since you're using no less than three different expensive bits of networking hardware (AP, PIX, VPN Concentrator), in addition to a bunch of x86 server hardware, windows server licenses, and at least one ISA license. ... Your computers necessarily don't have full access to your network infrastructure when they aren't logged on, so GPOs, software updates, etc can't be applied at the times you want them to be applied. ... Turning on, enabling, and implementing every possible security setting and device you think of is not defence in depth, and will probably only have two effects - your users won't use your wireless network, and you'll burn so much cash you won't have any left to spend on *useful* security measures. ...
    (Full-Disclosure)
  • RE: Printing from Win9x clients stops
    ... Open Server Management. ... then right-click the name of the computer running Windows Small Business ... >From the client computer: ... The Select Network Component Type ...
    (microsoft.public.windows.server.sbs)
  • RE: Connecting to resources over a SBS 2003 VPN
    ... VPN client and your SBS server are using a same subnet network ...
    (microsoft.public.windows.server.sbs)
  • RE: Printing from Win9x clients stops
    ... The printers with 9x drivers on the server appeared automatically in the ... > then right-click the name of the computer running Windows Small Business ... > From the client computer: ... The Select Network Component Type ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN clients unable to connect to other resources.
    ... gateway matches the IP of the remote client, and DNS and WINS point to the ... remote (although it takes close to a minute to connect, ... This is just regular Windows VPN, ... VPN server, remote routing and access running on the SBS 2003 server ...
    (microsoft.public.windows.server.sbs)