Trouble with VPN and SBS 2003

feenster99 · 13 Jun 2006 at 19:23

Hi all,
At work, we run a Windows 2003 SBS Standard server which I am trying to VPN into.

We setup a user in Active Directory called "vpn" and added it to the Mobile Users group. We then setup a VPN using the Routing and Remote access wizard. So now, I can VPN into work fine. This only connects me to the SBS server however, when I was expecting to just be on the network as normal, and access the Linux webserver we have. Also, my local internet connection is killed completely when I connect over the VPN, so I can't visit any websites whatsoever.

Does anyone know:
1) How do setup Routing and Remote Access so I am fully on the network and can access the other servers etc on there?
2) How to maintain my local internet connection, or use the remote connection so I can still browse the web?

Any help greatly appreciated.
Matt

Otacon · 13 Jun 2006 at 19:28

feenster99 said:
2) How to maintain my local internet connection, or use the remote connection so I can still browse the web?

On the VPN connection (client side), Properties > Network > TCP/IP > Advanced > Untick 'Use gateway on remote network'.

Connect to the VPN and post the output of an 'ipconfig /all', and 'route print'

feenster99 · 13 Jun 2006 at 19:41

Cool, i now have 'net access at the same time now. Cheers

So, work's router is 192.168.8.1, the SBS server is 192.168.8.3, and there is a server on 192.168.8.5 that I am trying to access (but can't).

"route print"

Code:

C:\Documents and Settings\Matt>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 50 8d e7 41 90 ...... VIA Networking Velocity Family Giga-bit Ethern
 Adapter - Packet Scheduler Miniport
0x10004 ...00 10 dc e9 ae 1a ...... Bluetooth Device (Personal Area Network)
0xc0005 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.102       20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
      192.168.1.0    255.255.255.0    192.168.1.102   192.168.1.102       20
    192.168.1.102  255.255.255.255        127.0.0.1       127.0.0.1       20
    192.168.1.255  255.255.255.255    192.168.1.102   192.168.1.102       20
      192.168.8.0    255.255.255.0    192.168.8.107   192.168.8.107       1
    192.168.8.107  255.255.255.255        127.0.0.1       127.0.0.1       50
    192.168.8.255  255.255.255.255    192.168.8.107   192.168.8.107       50
   212.159.95.181  255.255.255.255      192.168.1.1   192.168.1.102       20
        224.0.0.0        240.0.0.0    192.168.1.102   192.168.1.102       20
        224.0.0.0        240.0.0.0    192.168.8.107   192.168.8.107       50
  255.255.255.255  255.255.255.255    192.168.1.102   192.168.1.102       1
  255.255.255.255  255.255.255.255    192.168.8.107   192.168.8.107       1
  255.255.255.255  255.255.255.255    192.168.8.107           10004       1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None

"ipconfig /all"

Code:

C:\Documents and Settings\Matt>ipconfig /all

Windows IP Configuration

        Host Name . . . . . . . . . . . . : matt-pc
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : VIA Networking Velocity Family Giga-
bit Ethernet Adapter
        Physical Address. . . . . . . . . : 00-50-8D-E7-41-90
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.102
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        IP Address. . . . . . . . . . . . : fe80::250:8dff:fee7:4190%4
        Default Gateway . . . . . . . . . : 192.168.1.1
        DHCP Server . . . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 194.168.8.100
                                            194.168.4.100
                                            fec0:0:0:ffff::1%2
                                            fec0:0:0:ffff::2%2
                                            fec0:0:0:ffff::3%2
        Lease Obtained. . . . . . . . . . : 13 June 2006 17:59:46
        Lease Expires . . . . . . . . . . : 14 June 2006 17:59:46

Ethernet adapter Bluetooth Network Connection:

        Media State . . . . . . . . . . . : Media disconnected
        Description . . . . . . . . . . . : Bluetooth Device (Personal Area Netw
ork)
        Physical Address. . . . . . . . . : 00-10-DC-E9-AE-1A

PPP adapter PCM 2:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
        Physical Address. . . . . . . . . : 00-53-45-00-00-00
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.8.107
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : 192.168.8.1
                                            212.159.13.49

Tunnel adapter Teredo Tunneling Pseudo-Interface:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
        Physical Address. . . . . . . . . : 00-00-F9-38-AE-96-83-5A
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 3ffe:831f:4136:e37e:0:f938:ae96:835a

        IP Address. . . . . . . . . . . . : fe80::5445:5245:444f%5
        Default Gateway . . . . . . . . . : ::
        NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Automatic Tunneling Pseudo-Interface:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface

        Physical Address. . . . . . . . . : C0-A8-08-6B
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : fe80::5efe:192.168.8.107%2
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                            fec0:0:0:ffff::2%1
                                            fec0:0:0:ffff::3%1
        NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Automatic Tunneling Pseudo-Interface:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface

        Physical Address. . . . . . . . . : C0-A8-01-66
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : fe80::5efe:192.168.1.102%2
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%2
                                            fec0:0:0:ffff::2%2
                                            fec0:0:0:ffff::3%2
        NetBIOS over Tcpip. . . . . . . . : Disabled

Thanks again matey,
Matt

Otacon · 13 Jun 2006 at 19:51

Have you tried just pinging IP addresses on the remote network? Trying to find out if it's a config issue on the RRAS box, or name resolution.

feenster99 · 13 Jun 2006 at 19:54

I've tried pinging the other server at work (192.168.8.5) from my local PC, and get the following:

Code:

C:\Documents and Settings\Matt>ping 192.168.8.5

Pinging 192.168.8.5 with 32 bytes of data:

Request timed out.
Request timed out.

Ping statistics for 192.168.8.5:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

It is a Fedora Core 3 Linux server, running Apache on port 80, so it is definately pingable.

Matt

feenster99 · 13 Jun 2006 at 19:58

BTW, we also have another Windows 2003 server (Standard I think) on the same domain, ip address 192.168.8.106 which isn't pingable from my local PC. Do i need to setup some "Static Routes" in the Routing manager to point to these two servers?

Matt

Otacon · 13 Jun 2006 at 20:03

Na, you already have a route to the remote network. Must be a configuration issue. Been a while since I've seen anyone use RRAS for remote access, let me a start a VM and take a look...

feenster99 · 13 Jun 2006 at 20:10

Thanks Otacon, looking forward to your findings

Matt

feenster99 · 13 Jun 2006 at 20:36

Otacon,
Just re-read the thread - you give the impression that this isn't the best or most common way of attaching a PC onto a remote network via VPN. If there is a better way, I'd be more than happy to give it a shot. It is only setup this way as it is the first method I came across.

Could I catch you on MSN? No worries if not...

Cheers,
Matt

feenster99 · 26 Jun 2006 at 23:29

Otacon - sorry to pester you again, but did you ever find any more info on this problem?

Cheers,
Matt

Andy100 · 27 Jun 2006 at 02:33

Once you're connected to the vpn have you tried bringing up a command prompt to connect to the drives/computers you want?

Been a while since I used it but I think the command is:

net use f: //IPADDRESSofmachinedriveyouwanttoconnectto

If all goes well it should ask you for a username and password.

feenster99 · 27 Jun 2006 at 07:29

Thanks for the reply - the problem is more that I can't ping any other IP address than the one I VPN onto. I have a Linux web server running that I want to be able to view remotely, but can only get onto the main Windows server, and no-where else.

Matt