Re: VPN Newbie Question
- From: v-terliu@xxxxxxxxxxxxxxxxxxxx (Terence Liu [MSFT])
- Date: Mon, 09 Jun 2008 04:30:09 GMT
Hello Pat,
Thank you for your update. Many thanks Joe for the good input.
I agree with Joe, we suggest customer use Vista Business or Enterprise
edition on mobile clients to join to SBS domain at LAN. When the client
move to external, it could logon SBS domain via VPN. If you use Vista Home
on the mobile clients, you will be prompted to input credential when you
want to access SBS LAN resource.
Meanwhile, I suggest you running your SBS with single NIC, since your VPN
is hardware firewall VPN. See the suggestions in my previous reply.
If there's anything else about this issue I can do for you, please do not
hesitate to let me know.
Thank you and have a nice day,
Best regards,
Terence Liu (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
From: "Slabchops" <no@xxxxxxxxx><3DA8A7DD-1B47-4841-8C3B-5C0FF6F9EADD@xxxxxxxxxxxxx>
Newsgroups: microsoft.public.windows.server.sbs
References: <48460729$0$5719$4c368faf@xxxxxxxxxxxxxx>
<4847425a$0$7034$4c368faf@xxxxxxxxxxxxxx>
<fDIhm3txIHA.1788@xxxxxxxxxxxxxxxxxxxxxx>
In-Reply-To: <fDIhm3txIHA.1788@xxxxxxxxxxxxxxxxxxxxxx>TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTFEEDS01.phx.gbl!newsfeed.
Subject: Re: VPN Newbie Question
Date: Sat, 7 Jun 2008 15:13:59 -0400
MIME-Version: 1.0
Content-Type: text/plain;
format=flowed;
charset="iso-8859-1";
reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Windows Mail 6.0.6000.16480
X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6000.16545
Lines: 221
Message-ID: <484addfe$0$4263$4c368faf@xxxxxxxxxxxxxx>
Organization: Road Runner High Speed Online http://www.rr.com
NNTP-Posting-Host: 74.69.82.150
X-Complaints-To: abuse@xxxxxx
X-Original-Bytes: 9704
Path:
cw.net!cw.net!news-FFM2.ecrc.de!news.mediascape.de!newsfeed0.kamp.net!newsfe
ed.kamp.net!newsfeed.freenet.de!newspeer1.nac.net!border2.nntp.dca.giganews.
com!border1.nntp.dca.giganews.com!nntp.giganews.com!nx01.iad01.newshosting.c
om!newshosting.com!69.16.185.51.MISMATCH!tmp-post01.iad!news.highwinds-media
..com!roadrunner.com!not-for-mail
Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:111072hardware
X-Tomcat-NG: microsoft.public.windows.server.sbs
Thanks Terence,
Maybe the problem I am having is because is because my laptop in not Vista
Business, does that matter? I am using Vista Home Premium, I do have an
established connection and IP from the server. Thanks.
-pat
"Terence Liu [MSFT]" <v-terliu@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:fDIhm3txIHA.1788@xxxxxxxxxxxxxxxxxxxxxxxxx
Hello Customer,
Thank you for posting here. Let's also thank Cliff for the input.
According to your description, I understand that you unable to logon SBS
after you establish the VPN connection from remote client to your
ISP.firewall. If I have misunderstood the problem, please don't hesitate to
let
me know.
Based on my research, I suggest we try the following steps to see if we
can
resolve this issue:
Suggestions:
1. As you establish the VPN from remote client to your hardware firewall,
you need to run your SBS 2003 with single NIC. That because you have
hardware firewall before the SBS, we do not need to run the SBS 2003 with
double NICs, and we unable to connect SBS from its external NIC after you
establish VPN connection. If you run SBS with double NICs, please disable
the external NIC, then run the CEICW.
2. After you make SBS to run with single NIC, please run the CEICW as
following:
Go through the follow KB and rerun CEICW carefully.
How to configure Internet access in Windows Small Business Server 2003
http://support.microsoft.com/kb/825763
Detailed steps to run CEICW for your reference:
One network adapter - manual router connection to broadband
a. On the Connection Type page, click Broadband, and then click Next.
b. On the Broadband Connection page, under My server uses, click A local
router device with an IP address, and then click Next.
c. On the Router Connection page, next to Preferred DNS server and next
to
Alternate DNS server, type the IP addresses that are provided by your
http://download.microsoft.com/download/b/b/1/bb139fcb-4aac-4fe5-a579-30b0bd9In the Local IP address of router box, type the IP address of the router
that the server uses to connect to the router.
d. Click to select the My server uses a single network connection for
both
Internet access and the local network check box, and then click Next.
e. A message may appear that warns that the firewall that is provided
cannot be configured. You are offered a chance to view information about
configuration settings for an existing firewall device.
f. On the Network Connection page, click Server Local Area Connection
under the Connection Name.
g. Click Next.
h. Complete the Configure E-mail and Internet Connection Wizard.
If we cannot resolve the issue after we perform the above steps, please
help me collect some information for further investigation:
Gather information for further troubleshooting:
1. Can you ping SBS from remote client after VPN established?
2. Once the VPN connection is established, run command "ipconfig /all >
c:\ipconfig_client.txt" and "route print > c:\route_client.txt" on remote
client, send the files c:\ipconfig_client.txt and c:\route_client.txt to
me
at v-terliu@xxxxxxxxxxxxx
3. Can you connect the SBS via the application when you move your laptop
to
LAN?
4. Gather MPS network report on SBS:
a. Download MPSrepot_network from
corresponding15706/MPSRPT_NETWORK.EXE
b. Run MPSRPT_NETWORK.exe.
c. The tool will automatically collect the information. This procedure
will
take 10~15 minutes.
d. Open Windows Explorer, navigate to the folder:
%SystemRoot%\MPSReports\Network\Reports\Cab\
e. Send the .cab file directly to me at v-terliu@xxxxxxxxxxxxx
I hope these steps will give you some help.
Thanks and have a nice day!
Best regards,
Terence Liu (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the
manner.newsgroups so that they can be resolved in an efficient and timely
microsoft.public.windows.networking.ipsec,microsoft.public.windows.server.geYou can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check
the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In
doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no
rights.
--------------------
From: "Slabchops" <no@xxxxxxxxx>
Newsgroups:
TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTFEEDS02.phx.gbl!msrnews.!neral,microsoft.public.windows.server.sbs
References: <48460729$0$5719$4c368faf@xxxxxxxxxxxxxx><3DA8A7DD-1B47-4841-8C3B-5C0FF6F9EADD@xxxxxxxxxxxxx>
In-Reply-To: <3DA8A7DD-1B47-4841-8C3B-5C0FF6F9EADD@xxxxxxxxxxxxx>
Subject: Re: VPN Newbie Question
Date: Wed, 4 Jun 2008 21:33:07 -0400
MIME-Version: 1.0
Content-Type: text/plain;
format=flowed;
charset="iso-8859-1";
reply-type=response
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Windows Mail 6.0.6000.16480
X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6000.16545
Lines: 39
Message-ID: <4847425a$0$7034$4c368faf@xxxxxxxxxxxxxx>
Organization: Road Runner High Speed Online http://www.rr.com
NNTP-Posting-Host: 74.69.82.150
X-Complaints-To: abuse@xxxxxx
Path:
msrtrans!msrn-in!newshub.sdsu.edu!border1.nntp.dca.giganews.com!nntp.giganew
s.com!nx01.iad01.newshosting.com!newshosting.com!69.16.185.51.MISMATCH!tmp-p
microsoft.public.windows.server.general:39508ost01.iad!news.highwinds-media.com!roadrunner.com!not-for-mail
Xref: TK2MSFTNGHUB02.phx.gbl
anythingmicrosoft.public.windows.server.sbs:110772
microsoft.public.windows.networking.ipsec:214
X-Tomcat-NG: microsoft.public.windows.server.sbs
Hey Cliff,
Thanks for getting back to me. I have set up the VPN with IPSec, it
connects and all seems well. However I am not sure how to access
aon the server, any suggestions? thanksrecommend
-sc
"Cliff Galiher" <cgaliher@xxxxxxxxx> wrote in message
news:3DA8A7DD-1B47-4841-8C3B-5C0FF6F9EADD@xxxxxxxxxxxxxxxx
Watchguard fireboxes support PPTP and IPSec VPN's natively. I'd
this,setting up the VPN on the firebox (I've used both PPTP and IPSec for
but PPTP doesn't require a 3rd party client) and then when you request
thatresource on the server, you will be prompted for domain credentials
logonyouyou can enter. As far as the details of setting up VPN on a firebox,
Firewareshould refer to your documentation for the firebox, as that has changed
between firebox models and whether you are running WFS, Fireware,
2003RPro, etc.
-Cliff
"Slabchops" <no@xxxxxxxxx> wrote in message
news:48460729$0$5719$4c368faf@xxxxxxxxxxxxxxxxx
Greetings,
Here is what I have. I have a WatchGuard Firebox Firewall, MS SBS
and I would like to be able to logon on from home to access server
resources through a VPN. I don't neccessarily want to logon to my
desktop at work, just the server. I have a client application on my
laptop that I want to connent against the server. I can establish the
VPN connection, but it does not pass off to the server requesting
this?credentials. Can someone give this newbie the lowdown on how to do
Thanks.
-lj
.
- References:
- Re: VPN Newbie Question
- From: Terence Liu [MSFT]
- Re: VPN Newbie Question
- From: Slabchops
- Re: VPN Newbie Question
- Prev by Date: Re: NTBackup to disk - is it possible to limit size
- Next by Date: Re: Frustrated setting up Cisco VPN through ISA 2004
- Previous by thread: Re: VPN Newbie Question
- Next by thread: RE: WSUS Installation errors message
- Index(es):
Relevant Pages
|
