VPN works. but I can see the server only.

  • Thread starter Thread starter Marcantonio Magnarapa
  • Start date Start date
M

Marcantonio Magnarapa

Hi,

I have configured manually a VPN server on windows 2003 but while the
VPN works beautifully, the remote logged on user can only 'see' the server.

The other workstations in the LAN are not visible. How can I modify the
vpn settings so that clients can see the whole network?

Please consider that we are NOT using two nics, because the vpn server
is not the gateway to the internet. It is just a DMZ behind the router.
We do not need two NICS.

Thank you in advance,
Marcantonio Magnarapa
 
Hi,

I have exactly the same problem.

Im running a Windows2003 as a vpn server - remote users
can connect perfectly, but they simply cannot connect to
any other services/computers on the network.

Shared folders, printers, M$ Exchange are all unavailable.

The only partial work around I have been able to set up is
by making the remote users use Terminal Services/Remote
Desktop. But its not what I or the users want to do.
 
Can you rule out a routing problem? For example, does a tracert -d <server>
on the client (for example, to the exchange server) go through and stop at
the VPN server? Is routing enabled on the VPN server? Does a tracert -d
<client RAS IP> from somewhere (such as the exchange server) go through and
stop at the VPN server?

Is data being blocked by packet filters, IPSec, or other firewalls?

"netsh rout ip sho filt" should give you a quick view of any RRAS IP
filters.

It's a place to start, anyway...
 
Yes...I had the same problem approx a year ago. In all my
research at that time on Microsoft, MS procedures would
have you:
1. Join the client to the domain.
2. Remove the client from the current subnet (router port)
3. Place the client on different subnet
4. Then VPN into the server

Here is what I discovered. The client was "joined" to the
domain which allowed browsing/access to network
resources. This is not always practical. The work around
is as follows:

1. Update the client's "workgroup" to the domain name
they are VPN into

2. Create a user name/password in the domain

3. Create a local user name/password to match the domain
username/password created above.

4. Log on locally to the client and VPN into the server.

This should give the vpn client browsing capability and
access to other resources in the domain. Additonally, if
you are running login scripts in your domain...they will
not run as clients vpn into your domain. I hope this helps

Ed Maddox
 
Back
Top