Solved

Windows 2000 Pro VPN to Windows 2000 VPN Server

Posted on 2004-08-11
10
233 Views
Last Modified: 2010-04-14
When at a Remote location, I can connect to the VPN server and then Remote Desktop using my XP Pro machine.  When I configure a VPN connection on a Windows 2000 Pro machine I connect to the VPN.  But, then I can't ping the server by IP or name nor can I connect to it (of course) with Remote Desktop.  What would be the difference in the 2000 O/S vs. XP O/S that would cause one to work and the other to not?  This falls under the urgent category.  I've been banging my head against the wall on this one.

Thanks,

Steve
0
Comment
Question by:DaCoach65
  • 4
  • 2
  • 2
  • +2
10 Comments
 
LVL 10

Expert Comment

by:ngravatt
ID: 11774752
do you have any firewall software on your 2000 machine?

Also, what VPN are you using (brand)?
0
 
LVL 14

Accepted Solution

by:
dlwyatt82 earned 500 total points
ID: 11774976
After you have connected via VPN on the windows 2000 machine, open a command prompt and run "route print". Please paste the results of that command to this thread.
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11774989
This is usually related to the gateway on the machine, is the Windows 2000 machine set up differently with regards to TCP/IP, broadband, dial up, etc. ?

J
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 
LVL 14

Expert Comment

by:dlwyatt82
ID: 11774991
The output from "ipconfig /all" might also be helpful in troubleshooting this problem.
0
 
LVL 14

Expert Comment

by:dlwyatt82
ID: 11775015
jdeclue is thinking along the same lines :) We'll see what the routing table looks like with "route print" (including the gateway).
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 11775166
im confused about what you are attempting to do,, it sounds like you are trying to remote into a machine,, connect via a vpn to another machine then then remote into that machine over the VPN... is that correct?
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11775325
Bingo.. most likely the there is no route to the servers over the vpn. TCP/IP has to know where to go when a machine is not on your subnet. When it tries to find the server it goes to the Gateway. If that gateway is going to the Internet or somewhere else, it will not be able to find your servers. This is very common. So you may need to set a static route. THis will tell your machine to use the VPN connection to access your servers, while everything else goes to the internet. The route print will answer the question...

Additionally provide dlwyatt with the IP Range and Subnet of the servers on the other  side of the VPN. Sounds like he can walk you right through it;)

J
0
 

Author Comment

by:DaCoach65
ID: 11775817
I'll answer everybody's questions all at once here.  I do have firewall software on the 2000 machine, Trend's PC-Cillin, however, I have it disabled.  I have thought about un-installing it completely.  The VPN I'm using is Windows 2k Pro built in and Windows 2000 RRAS/VPN server on the other end.  As for the route print and ipconfig /all, I'll need to get back to the remote location, it's an hour away.  Which I'll be able to do tomorrow morning, 9:00AM Central.  I can say that when I do ipconfig /all it shows no Gateway for the VPN connection.  This is the same however for both the XP and 2000 machines.  This is because I have the "Use default gateway on remote network" unchecked.  It won't work on the XP machine either if I have this checked.  As for the gateway on the 2000 machine vs. the XP machine's local connection.  They're both getting the same gateway from DHCP.  I'll get back tomorrow morning with the pasting of "route print" and "ipconfig /all" and we'll go from there.  Thanks for all of the quick responses.
0
 

Author Comment

by:DaCoach65
ID: 11785731
So, I did a "route print" when I was at home connected to VPN and it looked okay.  But, then at 2:43AM I woke up with what I thought would be the solution based on what I saw in the "route print" output.  I went to the location having the issues this morning and things are resolved.  Both ends are behind Linksys Cable/DSL Routers.  Both giving out 192.168.1.x to the inside networks.  I changed the inside network at the location that was having issues to 10.0.0.x and voila!  All is well.  That still though doesn't explain to me why the XP machine would work and the 2k machine wouldn't.  So, although it didn't give me the exact solution, I'll have to accept dlwyatt82's answer of doing the "route print" as that lead me to the answer.  Thank you all for your input!  My first experience here has been a very positive one.
0
 
LVL 14

Expert Comment

by:dlwyatt82
ID: 11785948
Without actually seeing the Route Print output, I can't tell you exactly why one PC was working and the other wasn't, but I can guess:

When you connect to the VPN, your computer has 2 active network interfaces. Your LAN adapter connected to the local network, and the VPN adapter connected to the remote network. In this case, both networks had 192.168.1.0/24 addresses, causing a conflict. The difference in each PC was in what order the adapters added their entries to the dynamic routing table:

On the XP PC, an entry for 192.168.1.0/24 was added with the VPN adapter listed as the primary interface.
On the 2K PC, an entry for 192.168.1.0/24 was listed with the Local NIC as the interface.

Odds are, had you tested it, that even though the XP PC was able to access the server on the other side of the VPN, it probably would have been UNABLE to access any other PCs on the local network for as long as your VPN connection was active. The 2K PC had the exact opposite problem - probably worked just fine connecting to local machines, but no traffic got routed through your VPN connection.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Having trouble getting your hands on Dynamics 365 Field Service or Project Service trial? Worry No More!!!
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now