Solved

VPN access to some servers but others

Posted on 2003-11-17
9
207 Views
Last Modified: 2010-03-19
We have a Sonicwall  device with VPN and are trying to establish VPN for some users. We have 2 NT4 servers and a NAS with Windows 2000 Server. I can establish a VPN connection and access the resources on the 2 NT4 servers but I can't even ping the NAS through the VPN, though I can ping it from the network.

Any suggestions?
0
Comment
Question by:awilson11
  • 4
  • 4
9 Comments
 
LVL 1

Expert Comment

by:riannuzzi
ID: 9768501
Yes, put in the correct default gateway/network settings on the NAS.
0
 

Author Comment

by:awilson11
ID: 9771234
The NAS has the same gateway settings as the two NT4 servers and all three have static IPs
0
 
LVL 1

Expert Comment

by:riannuzzi
ID: 9771946
Please verify and print screen the network settings, I would like to see the IP's and subnet masks/gateways of all machines...

0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:awilson11
ID: 9772460
I have done screen prints and here are the settings:

NAS - Windows 2000 Server:
IP            192.168.0.8
Subnet            255.255.255.0
Gateway                      192.168.0.6

DNS            192.168.0.4
Wins            192.168.0.4


Server 1 NT Server 4 PDC
IP            192.168.0.4
Subnet            255.255.255.0
Gateway                      192.168.0.6


Server 2 NT Server 4 BDC
IP            192.168.0.7
Subnet            255.255.255.0
Gateway                      192.168.0.6
0
 
LVL 1

Expert Comment

by:riannuzzi
ID: 9773197
Ok Looks good, change the IP address of the NAS to anything lower than 8 and see if that works. You can change is back after we test this. Also, your router or gateway may be blocking the NAS mac address. Please have a look.

Check your router IP Address and subnet mask. I have a suspicion your router may be working on a subnet that uses 192.168.0.8 as the broadcast address... 255.255.255.248, or there might be a rule for VPN access on the opposite router that only uses the mentioned mask. Have a look at this and let me know. I would like to see the IP setting and rules for both routers/firewalls...
0
 

Author Comment

by:awilson11
ID: 9774191
Thanks for sticking with me.

The gateway is the Firewall/VPN device
LAN IP address is   192.168.0.6
LAN Subnet is        255.255.255.0

Unfortunatly all IP addresses below 8 are taken. Also I don't know how to check if the gateway is blocking the NAS mac address.


However you are right the WAN Subnet Mask is 255.255.255.248, but don't know the significance of this.
0
 
LVL 1

Expert Comment

by:riannuzzi
ID: 9774266
Try to ping the default gateway from the NAS system. Also try to ping the external interface of the gateway from the NAS, if it does not work, try it from another system. I believe this is a straight IP issue.

I would also try to temp switch the .8 address with the .2 address and see if you have the problem, you can do this after hours or something then 10 minutes later you can switch them back.

Are you sure the subnet mask of the router is 255.255.255.0/192.168.0.6?

Please confirm this for me, do the switch above; it will tell us a lot.
0
 

Accepted Solution

by:
awilson11 earned 0 total points
ID: 9780511
I hate to break the news to you but the problem has fixed itself. Initially we tried rebooting the NAS thinking that might fix the problem. It didn't so I then posted this question. However numerous NTFS corruption errors appeared in the Event Viewer so overnight last night I scheduled chkdsk to run then shutdown and restarted the NAS and this morning suddenly we can access the NAS over the VPN. So rebooting didn't fix the problem but shutting down and booting up did.

Don't know what the problem was or what is now "fixed" but thanks for your time and effort.
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Sometimes you might need to configure routing based not only on destination IP address, but also on a combination of destination IP address (or hostname) and destination port number. I will describe a method how to accomplish this with free tools. …
Resolve DNS query failed errors for Exchange
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question