Solved

Can't open Intranet Pages behind NAT router!!!

Posted on 2004-09-20
17
506 Views
Last Modified: 2010-04-12
I can not open any intranet pages over my VPN if my home router is in the mix. Once I plug in directly to the cable modem, I can access EVERYTHING. There seems to be an issue with passign through the NAT device. I pull up the intranet page using the following address: 192.168.1.230:90/default/aspx

At home, I have a Windows XP Pro laptop plugged into a Linksys WRT54G router, Linksys cable modem, using Comcast high-speed cable internet. When I use my Microsoft PPTP VPN client to VPN into my Windows 2003 Server at work from home I can not open any intranet pages regardless of the ports being used. I can usually open the shared drives on the server but never an intranet page.

On the server side I have Windows Server 2003 going into a Linksys BEFSX41 wired router with ports 47 & 1723 forwarded to the static IP of the server. I don't think there are any config problems on the server end. I think the issue resides solely on the client end. I can VPN in using an AT&T EDGE card and successfully open the intranet pages.

Any quick help would be greatly appreciated!!!! :)
0
Comment
Question by:Kjohnsting
  • 10
  • 7
17 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 12111816
The issue might just be that you have the same subnet on both ends of the VPN.
Is your server 192.168.1.230
Is your home PC LAN IP 192.168.1.100 ?
The easiest to fix is the LAN IP on your home WRT54G router. Make the LAN something different, like 192.168.222.x
0
 

Author Comment

by:Kjohnsting
ID: 12112274
I will try that out.

Also, I wanted to assign the Intranet page a name so that when you're on the LAN or VPN, you could open a browser, type in a name like "WebApp" and it would send you to the intranet page (as opposed to using 192.168.x.x.....) I am using IIS to admin this. Do you know how to do that?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12112385
You can create an entry in your hosts file:

192.168.1.230   webapp

Then in your browser, type http://webapp:90

Help on hosts file:
http://mvps.org/winhelp2002/hosts.htm
0
 

Author Comment

by:Kjohnsting
ID: 12119249
I changed my home router to 192.168.2.x and it worked!!  But.... now I can't open my mapped drives while on the VPN. I get the following error:

An error occurred while reconnecting to \\servername\share
Microsoft Windows Network: The Network name can not be found.
This connection has notbeen restored.

What now? ANy ideas?
0
 

Author Comment

by:Kjohnsting
ID: 12119533
Okay, I screwed with it some more. Now I don't get that error. But when I open up a mapped drive, it will open but contain nothing at all. I have had that problem before under every setup scenario (plugging directly into cable modem, or using the router). If you solve this for me, I may have to PayPal you some funds :)
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12119593
Enable Netbios over TCP/IP on the XP client.
Make your XP client a member of a workgroup with same name as your office domain/workgroup
Create a LMHOSTS file with your domain controller's/server entry:
How to Write an LMHOSTS File for Domain Validation and Other Name Resolution Issues
http://support.microsoft.com/support/kb/articles/Q180/0/94.ASP
0
 

Author Comment

by:Kjohnsting
ID: 12122106
FYI: While I was having my problem, I was able to successfully ping the VPN gateway (10.10.10.x), the server IP on the LAN (192.168.1.230), and the server name.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12154549
Are you still working this? Do you need more information?

0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:Kjohnsting
ID: 12155872
This is where I'm at:

THe LMHOSTS file works. But once you go into work and log onto the Domain, that lmhosts file does not allow you to log into any shared resources on the domain. I am wondering if I create an alternate DNS resolution if that will fix the problem.

For example, the LMHOSTS file I created works great from home. But there are a couple users that work from home AND at work. So my isssue now lies there.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12170982
Shouldn't the IP adresses of the hosts be the same whether you are in the office or not?
Why are they different?
0
 

Author Comment

by:Kjohnsting
ID: 12171039
Sorry, you've lost me.
0
 

Author Comment

by:Kjohnsting
ID: 12172208
When on the VPN, you're gateway is 10.10.10.x

When in house, the gateway is 192.168.1.x

Is that what you mean?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12172366
No. An LMHOSTS file has the IP address to Netbios name mapping for internal servers. The gateway has nothing to do with it.

Example. These are servers at work location that you want to access while connected via VPN

192.168.1.233     WEBAPPSERVER     #PRE
192.168.1.234     SERVER2     #PRE

These ip address to netbios system name mappings will not change whether you are connecting through a VPN or if you go to the office and log into the domain and should not affect your being able to access the domain.

Are you using a WINS server, or DDNS server at the office?
0
 

Author Comment

by:Kjohnsting
ID: 12172487
Not WINS. I imagine DDNS. How do I check that.

Looks like a need to adjust the LMHOSTS file to 192.168.1.230   (server name) as opposed to 10.10.10.1   (server name).
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 250 total points
ID: 12172587
DDNS - do you have a DNS server set up at the office?

Yes, just change the LMHOSTS file to the 192.168.1.230 IP and it should work regardless of where you are.
0
 

Author Comment

by:Kjohnsting
ID: 12173271
Yes, DNS server is set up here. I will let you know how the change to the file goes. Thanks!
0
 

Author Comment

by:Kjohnsting
ID: 12230824
Alrighty then!!! Everything works beautifully! I owe you one!
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Overview Often, we set up VPN appliances where the connected clients are on a separate subnet and the company will have alternate internet connections and do not use this particular device as the gateway for certain servers or clients. In this case…
Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now