Win2K VPN connection not seeing internal network.

Win2K VPN connection not seeing internal network.

Post by Marku » Sun, 19 Jan 2003 01:25:43



I have a home network I want to set up with VPN to be able to access my home
computers while travelling...  A Win2K server is set up for VPN using RRAS
inside the linksys router, with port 1723 forwarded to the Win2K server
address (192.168.1.5).  This server is also the PDC with AD, DNS, etc.
(running Small Business Server)..

I set up a user on the domain and gave it connection rights.  Connecting
remotely from my XP laptop, everything works fine during connection.. I get
an internal IP address from DHCP (192.168.1.50 - start of range). However, I
cannot ping or access anything on the internal network..

Any ideas?

 
 
 

Win2K VPN connection not seeing internal network.

Post by Nick Le Lievr » Sun, 19 Jan 2003 01:32:11



Quote:> I have a home network I want to set up with VPN to be able to access my
home
> computers while travelling...  A Win2K server is set up for VPN using RRAS
> inside the linksys router, with port 1723 forwarded to the Win2K server
> address (192.168.1.5).  This server is also the PDC with AD, DNS, etc.
> (running Small Business Server)..

> I set up a user on the domain and gave it connection rights.  Connecting
> remotely from my XP laptop, everything works fine during connection.. I
get
> an internal IP address from DHCP (192.168.1.50 - start of range). However,
I
> cannot ping or access anything on the internal network..

> Any ideas?

I believe if you have a static IP you can use RRAS`s Network Address
Translator to assign the public IP to an interface on your Internal network
so that it effectively has a direct internet connection and can be pinged
directly from the Internet.

You should be able to do this on your router as well then it would save you
having to forward a port.

 
 
 

Win2K VPN connection not seeing internal network.

Post by Marku » Sun, 19 Jan 2003 06:10:12






> > I have a home network I want to set up with VPN to be able to access my
> home
> > computers while travelling...  A Win2K server is set up for VPN using
RRAS
> > inside the linksys router, with port 1723 forwarded to the Win2K server
> > address (192.168.1.5).  This server is also the PDC with AD, DNS, etc.
> > (running Small Business Server)..

> > I set up a user on the domain and gave it connection rights.  Connecting
> > remotely from my XP laptop, everything works fine during connection.. I
> get
> > an internal IP address from DHCP (192.168.1.50 - start of range).
However,
> I
> > cannot ping or access anything on the internal network..

> > Any ideas?

> I believe if you have a static IP you can use RRAS`s Network Address
> Translator to assign the public IP to an interface on your Internal
network
> so that it effectively has a direct internet connection and can be pinged
> directly from the Internet.

> You should be able to do this on your router as well then it would save
you
> having to forward a port.

OK.. I'm confused.  Isn't the router already doing NAT?
 
 
 

Win2K VPN connection not seeing internal network.

Post by Nick Le Lievr » Sun, 19 Jan 2003 06:17:55







> > > I have a home network I want to set up with VPN to be able to access
my
> > home
> > > computers while travelling...  A Win2K server is set up for VPN using
> RRAS
> > > inside the linksys router, with port 1723 forwarded to the Win2K
server
> > > address (192.168.1.5).  This server is also the PDC with AD, DNS, etc.
> > > (running Small Business Server)..

> > > I set up a user on the domain and gave it connection rights.
Connecting
> > > remotely from my XP laptop, everything works fine during connection..
I
> > get
> > > an internal IP address from DHCP (192.168.1.50 - start of range).
> However,
> > I
> > > cannot ping or access anything on the internal network..

> > > Any ideas?

> > I believe if you have a static IP you can use RRAS`s Network Address
> > Translator to assign the public IP to an interface on your Internal
> network
> > so that it effectively has a direct internet connection and can be
pinged
> > directly from the Internet.

> > You should be able to do this on your router as well then it would save
> you
> > having to forward a port.

> OK.. I'm confused.  Isn't the router already doing NAT?

If it is change it from a demand dial connection to a Persistent connection.
 
 
 

Win2K VPN connection not seeing internal network.

Post by Nick Le Lievr » Sun, 19 Jan 2003 10:43:28







> > > I have a home network I want to set up with VPN to be able to access
my
> > home
> > > computers while travelling...  A Win2K server is set up for VPN using
> RRAS
> > > inside the linksys router, with port 1723 forwarded to the Win2K
server
> > > address (192.168.1.5).  This server is also the PDC with AD, DNS, etc.
> > > (running Small Business Server)..

> > > I set up a user on the domain and gave it connection rights.
Connecting
> > > remotely from my XP laptop, everything works fine during connection..
I
> > get
> > > an internal IP address from DHCP (192.168.1.50 - start of range).
> However,
> > I
> > > cannot ping or access anything on the internal network..

> > > Any ideas?

> > I believe if you have a static IP you can use RRAS`s Network Address
> > Translator to assign the public IP to an interface on your Internal
> network
> > so that it effectively has a direct internet connection and can be
pinged
> > directly from the Internet.

> > You should be able to do this on your router as well then it would save
> you
> > having to forward a port.

> OK.. I'm confused.  Isn't the router already doing NAT?

Sorry you`d have to get configure the Network Address Translator on the
router to assign the public IP to your internal server - should be possible
never had the luxury of a static IP or a range of static IPs to try it out
tho.
 
 
 

Win2K VPN connection not seeing internal network.

Post by Stev » Sat, 25 Jan 2003 13:42:23


I think forcing RRAS to assign your internal NIC the same IP as your
external connection will*up your router's NAT.  NAT's supposed to
forward packets from an external IP to and internal IP, how could it route
packets from the external IP to the same IP again?  Also, I know that when I
enabled NAT on my RRAS VPN server (also behind a firewall/NAT router) I
could no longer access it from any of my internal computers.

The only thing I can suggest is to be sure you have the correct IP addresses
of your DNS, DHCP, and WINS servers on your "internal" and "external" NICs.
You do have two NICs installed in your RRAS VPN server, correct?  If you
don't have your own DHCP server, I believe your VPN clients will get the
same settings (other than the IP) as your "external" NIC.

I renamed my two NIC cards to help me remember which one VPN is using as the
"external" or "public" NIC, and which is the "internal" or "private" NIC.
This helped me avoid any configuration issues.

Also, you will not be able to use network neighborhood after connecting
through VPN.  You will have to connect to resources using NetBIOS
(\\server\share) names.

Hope this helps,

Steve









> > > > I have a home network I want to set up with VPN to be able to access
> my
> > > home
> > > > computers while travelling...  A Win2K server is set up for VPN
using
> > RRAS
> > > > inside the linksys router, with port 1723 forwarded to the Win2K
> server
> > > > address (192.168.1.5).  This server is also the PDC with AD, DNS,
etc.
> > > > (running Small Business Server)..

> > > > I set up a user on the domain and gave it connection rights.
> Connecting
> > > > remotely from my XP laptop, everything works fine during
connection..
> I
> > > get
> > > > an internal IP address from DHCP (192.168.1.50 - start of range).
> > However,
> > > I
> > > > cannot ping or access anything on the internal network..

> > > > Any ideas?

> > > I believe if you have a static IP you can use RRAS`s Network Address
> > > Translator to assign the public IP to an interface on your Internal
> > network
> > > so that it effectively has a direct internet connection and can be
> pinged
> > > directly from the Internet.

> > > You should be able to do this on your router as well then it would
save
> > you
> > > having to forward a port.

> > OK.. I'm confused.  Isn't the router already doing NAT?

> Sorry you`d have to get configure the Network Address Translator on the
> router to assign the public IP to your internal server - should be
possible
> never had the luxury of a static IP or a range of static IPs to try it out
> tho.

 
 
 

1. VPN connection not seeing machines on the network, after some strange errors

So here is the scenario.
At the office is a machine running Win2K Pro, acting as a server. It has a
static IP in the 192.168.X.X range. The rest of the machines in the office
are assigned IPs by the Cayman router (PacBell Business DSL). The server is
running TCP/IP and NetBEUI, while the rest of the machines are just running
TCP/IP. There is a pinhole configured in the router for VPN connections, and
the server machine is set up to accept VPN connection.
At the home office is another Win2K Pro machine, running PacBell residential
DSL, which uses a dial-up DSL approach. The machine has a 'LAN'
configuration using TCP/IP & NetBEUI, connected to the NIC in the machine.
The DSL install creates a "LAN2", also using TCP/IP & NetBEUI, which
actually "connect" to the DSL. There is a VPN connection on this machine
that allows the user to connect to the server via the internet. This machine
has a Brother laser printer connected via USB and an old Canon 4550 paint
jet on the parallel port.
So, everything was working fine for a while, tho' the connection was very
slow for browsing resources. On the order of 2-3 minutes to show available
machines via 'Computers Near Me'. Once you got to a resource, moving files
or printing was quick tho'. It should be noted that the server did not have
NetBEUI running at this time.
Then, on the home machine, we tried to print from a program called Squiggle,
which uses a SQL db file to store information. Printing to the Canon worked
fine, but after printing to the Brother, the SQL db got corrupted, and
Squiggle won't work any more. This has happened before when the Brother was
connected via the parallel port as the only printer. Now, at the same time,
the VPN connection stopped working. I can still connect to the DSL, and I
can make the connection to the server via VPN, but only the local machine
shows up in the list of machines.
I added NetBEUI to the server to see if that would allow me to browse the
network, but it has not changed. I realize now that I did not have my user
verify if NetBEUI was running under the Incoming VPN connection.

So, my question is: does anyone see some explanation in all of that as to
why VPN is no longer working? It makes no sense to me that VPN would be
affected by either the printing issue or the SQL issue, but then it makes no
sense that a printing error would corrupt a SQL file either. I am hoping
that someone will see a way to get VPN working that I have missed.
The crappy part is all of this was working until about an hour before I had
to fly back home to Portland. I had flown to San Jose specifically to set
this up!

So, any help is HUGELY appreciated!

Gordon

2. Osborne 1

3. VPN - Get Connection but no access to internal network

4. OSF/1 and SERVFAILs

5. Win2K Server to Host a VPN client connection for internal Clients.

6. Flushing and Giving of Semaphores (Non-maskable interrupts).

7. vpn problem: connection works in network and dialup connections but NOT in routing and remote access

8. Dpaint DCTV hack??

9. VPN - A VPN server requires that one connection be used as the private network connection

10. Internal Network resources not available remotely over VPN

11. Can VPN from internal network but not outside

12. Win2K Server - Win9x clients not seeing other in Network Neighborhood

13. Internal DNS server not seeing company.com