Solved

Can not connect to SBS 2003 server via VPN

Posted on 2004-09-22
5
191 Views
Last Modified: 2010-03-18
I am setting up a Windows 2003 SBS and would like to administer this server remotely.  I have allowed VPN access to the server and set permissions for the user account to be determined by the ras rules ( I have tried it with allow remote connection too and that did not work either).  

I seem to connect to the network via network conncetion to the network, but I can not ping the server once I am in past the router.

I've tried the program that is created by SBS that installs the VPN client on the remote computer, but I get an error 800.

Any help will be greatly appreciated.
0
Comment
Question by:susanrae
  • 2
  • 2
5 Comments
 
LVL 7

Accepted Solution

by:
ClintSwiney earned 300 total points
ID: 12148232
In order to help More information will be needed. (Router settings etc....)

Here's a general practice that's worked for me.

1. Install 2 network cards into the server (Set up one network card for internal IP addresses and the other for WAN conenctions either through your
    router/firewall or via a public IP direct connection)
2. Get access to the domain name DNS settings for your company domain name if you have one.
3. Setup an A record for your server's IP address if it's a public IP. (If you Server is behind a router or firewall setup either a one to one NAT or forward IP
    Ports the server needs to the server's Internal IP address then make the A Record point to your Routers WAN IP address) make the A record something like
    local.domainname.com or lan.domainname.com etc. Allow for propagation (72 Hours Max)
4. Configure the Server for your Network using the Connect to the Internet and Remote Access Wizards in the To Do List. (Make sure that you use all the
    correct entries here and specify the A record domain name for your remote access if you dont have an A record specify the WAN address on the router or  
    the WAN side Network cards IP address in the Server.
5. If you configured everything correctly you can remote desktop to your server using the A Record domain name you created or the IP address. Also you can
    use the VPN connection in XP or use the Small Business connection manager. The users can connect to the remote web workplace using the A record
    domain name too.


Notes: It's difficult if not impossible to make this work with only one network card!

Hope this helps,

Clint
0
 

Author Comment

by:susanrae
ID: 12160685
Actually I came to the conculsion last week that I needed the second nic in the server so I installed that last Friday.

Now I am able to access the intranet web page remotely via the web and remotely manage my server that way.  I am still not able to use RAS.  When I run the wizard I get an error 800. SB connection manager does not work. I am emailing my isp to setup a host name for the server's IP address, so I hope that will resolve some problems.
0
 
LVL 15

Assisted Solution

by:vico1
vico1 earned 200 total points
ID: 12212212
You have to make sure of 3 things:

The host name has to match the serever name and certificate:
example:
if your servername is mainserver.sbsdomain.local

You have to:
1.- create a host name mainserver.sbsdomain.com  (A record)
2.- run the connect to the internet connection the only change that you have to make is to create a new certificate. Make sure to create the certificate using: mainserver.sbsdomain.com
3.- Install the certificate at the client side. IE:
    You do that by accessing the server via http the click on view certificate and install it.

Good luck!

Vico1
0
 
LVL 7

Expert Comment

by:ClintSwiney
ID: 12304740
One more thing....

First off thanks for the Points!!!!!

If you are using the server for E-mail you would do good to have your ISP add a reverse lookup entry for your server's WAN IP. This will help you when a SPAM weary server tries to do a reverse lookup on your IP and when it does not find one, reject your messages!!!!

Clint

0
 
LVL 15

Expert Comment

by:vico1
ID: 12308842
Good Suggestion!

Also check this link to make sure your server is not an SMTP open relay.

http://support.microsoft.com/default.aspx?kbid=324958&product=sbserv2003
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cannot connect to Domain Controller 4 103
EXCHANGE: Extended schema in child domain 7 52
Linksys 4 port wireless router 62 46
Vpn Server 2012 not working Draytek Vigor 2830 2 29
Nslookup is a command line driven utility supplied as part of most Windows operating systems that can reveal information related to domain names and the Internet Protocol (IP) addresses associated with them. In simple terms, it is a tool that can …
Resolve DNS query failed errors for Exchange
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now