DaCoach65
asked on
Windows 2000 Pro VPN to Windows 2000 VPN Server
When at a Remote location, I can connect to the VPN server and then Remote Desktop using my XP Pro machine. When I configure a VPN connection on a Windows 2000 Pro machine I connect to the VPN. But, then I can't ping the server by IP or name nor can I connect to it (of course) with Remote Desktop. What would be the difference in the 2000 O/S vs. XP O/S that would cause one to work and the other to not? This falls under the urgent category. I've been banging my head against the wall on this one.
Thanks,
Steve
Thanks,
Steve
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This is usually related to the gateway on the machine, is the Windows 2000 machine set up differently with regards to TCP/IP, broadband, dial up, etc. ?
J
J
The output from "ipconfig /all" might also be helpful in troubleshooting this problem.
jdeclue is thinking along the same lines :) We'll see what the routing table looks like with "route print" (including the gateway).
im confused about what you are attempting to do,, it sounds like you are trying to remote into a machine,, connect via a vpn to another machine then then remote into that machine over the VPN... is that correct?
Bingo.. most likely the there is no route to the servers over the vpn. TCP/IP has to know where to go when a machine is not on your subnet. When it tries to find the server it goes to the Gateway. If that gateway is going to the Internet or somewhere else, it will not be able to find your servers. This is very common. So you may need to set a static route. THis will tell your machine to use the VPN connection to access your servers, while everything else goes to the internet. The route print will answer the question...
Additionally provide dlwyatt with the IP Range and Subnet of the servers on the other side of the VPN. Sounds like he can walk you right through it;)
J
Additionally provide dlwyatt with the IP Range and Subnet of the servers on the other side of the VPN. Sounds like he can walk you right through it;)
J
ASKER
I'll answer everybody's questions all at once here. I do have firewall software on the 2000 machine, Trend's PC-Cillin, however, I have it disabled. I have thought about un-installing it completely. The VPN I'm using is Windows 2k Pro built in and Windows 2000 RRAS/VPN server on the other end. As for the route print and ipconfig /all, I'll need to get back to the remote location, it's an hour away. Which I'll be able to do tomorrow morning, 9:00AM Central. I can say that when I do ipconfig /all it shows no Gateway for the VPN connection. This is the same however for both the XP and 2000 machines. This is because I have the "Use default gateway on remote network" unchecked. It won't work on the XP machine either if I have this checked. As for the gateway on the 2000 machine vs. the XP machine's local connection. They're both getting the same gateway from DHCP. I'll get back tomorrow morning with the pasting of "route print" and "ipconfig /all" and we'll go from there. Thanks for all of the quick responses.
ASKER
So, I did a "route print" when I was at home connected to VPN and it looked okay. But, then at 2:43AM I woke up with what I thought would be the solution based on what I saw in the "route print" output. I went to the location having the issues this morning and things are resolved. Both ends are behind Linksys Cable/DSL Routers. Both giving out 192.168.1.x to the inside networks. I changed the inside network at the location that was having issues to 10.0.0.x and voila! All is well. That still though doesn't explain to me why the XP machine would work and the 2k machine wouldn't. So, although it didn't give me the exact solution, I'll have to accept dlwyatt82's answer of doing the "route print" as that lead me to the answer. Thank you all for your input! My first experience here has been a very positive one.
Without actually seeing the Route Print output, I can't tell you exactly why one PC was working and the other wasn't, but I can guess:
When you connect to the VPN, your computer has 2 active network interfaces. Your LAN adapter connected to the local network, and the VPN adapter connected to the remote network. In this case, both networks had 192.168.1.0/24 addresses, causing a conflict. The difference in each PC was in what order the adapters added their entries to the dynamic routing table:
On the XP PC, an entry for 192.168.1.0/24 was added with the VPN adapter listed as the primary interface.
On the 2K PC, an entry for 192.168.1.0/24 was listed with the Local NIC as the interface.
Odds are, had you tested it, that even though the XP PC was able to access the server on the other side of the VPN, it probably would have been UNABLE to access any other PCs on the local network for as long as your VPN connection was active. The 2K PC had the exact opposite problem - probably worked just fine connecting to local machines, but no traffic got routed through your VPN connection.
When you connect to the VPN, your computer has 2 active network interfaces. Your LAN adapter connected to the local network, and the VPN adapter connected to the remote network. In this case, both networks had 192.168.1.0/24 addresses, causing a conflict. The difference in each PC was in what order the adapters added their entries to the dynamic routing table:
On the XP PC, an entry for 192.168.1.0/24 was added with the VPN adapter listed as the primary interface.
On the 2K PC, an entry for 192.168.1.0/24 was listed with the Local NIC as the interface.
Odds are, had you tested it, that even though the XP PC was able to access the server on the other side of the VPN, it probably would have been UNABLE to access any other PCs on the local network for as long as your VPN connection was active. The 2K PC had the exact opposite problem - probably worked just fine connecting to local machines, but no traffic got routed through your VPN connection.
Also, what VPN are you using (brand)?