Solved

Can not connect to SBS 2003 server via VPN

Posted on 2004-09-22
5
190 Views
Last Modified: 2010-03-18
I am setting up a Windows 2003 SBS and would like to administer this server remotely.  I have allowed VPN access to the server and set permissions for the user account to be determined by the ras rules ( I have tried it with allow remote connection too and that did not work either).  

I seem to connect to the network via network conncetion to the network, but I can not ping the server once I am in past the router.

I've tried the program that is created by SBS that installs the VPN client on the remote computer, but I get an error 800.

Any help will be greatly appreciated.
0
Comment
Question by:susanrae
  • 2
  • 2
5 Comments
 
LVL 7

Accepted Solution

by:
ClintSwiney earned 300 total points
ID: 12148232
In order to help More information will be needed. (Router settings etc....)

Here's a general practice that's worked for me.

1. Install 2 network cards into the server (Set up one network card for internal IP addresses and the other for WAN conenctions either through your
    router/firewall or via a public IP direct connection)
2. Get access to the domain name DNS settings for your company domain name if you have one.
3. Setup an A record for your server's IP address if it's a public IP. (If you Server is behind a router or firewall setup either a one to one NAT or forward IP
    Ports the server needs to the server's Internal IP address then make the A Record point to your Routers WAN IP address) make the A record something like
    local.domainname.com or lan.domainname.com etc. Allow for propagation (72 Hours Max)
4. Configure the Server for your Network using the Connect to the Internet and Remote Access Wizards in the To Do List. (Make sure that you use all the
    correct entries here and specify the A record domain name for your remote access if you dont have an A record specify the WAN address on the router or  
    the WAN side Network cards IP address in the Server.
5. If you configured everything correctly you can remote desktop to your server using the A Record domain name you created or the IP address. Also you can
    use the VPN connection in XP or use the Small Business connection manager. The users can connect to the remote web workplace using the A record
    domain name too.


Notes: It's difficult if not impossible to make this work with only one network card!

Hope this helps,

Clint
0
 

Author Comment

by:susanrae
ID: 12160685
Actually I came to the conculsion last week that I needed the second nic in the server so I installed that last Friday.

Now I am able to access the intranet web page remotely via the web and remotely manage my server that way.  I am still not able to use RAS.  When I run the wizard I get an error 800. SB connection manager does not work. I am emailing my isp to setup a host name for the server's IP address, so I hope that will resolve some problems.
0
 
LVL 15

Assisted Solution

by:vico1
vico1 earned 200 total points
ID: 12212212
You have to make sure of 3 things:

The host name has to match the serever name and certificate:
example:
if your servername is mainserver.sbsdomain.local

You have to:
1.- create a host name mainserver.sbsdomain.com  (A record)
2.- run the connect to the internet connection the only change that you have to make is to create a new certificate. Make sure to create the certificate using: mainserver.sbsdomain.com
3.- Install the certificate at the client side. IE:
    You do that by accessing the server via http the click on view certificate and install it.

Good luck!

Vico1
0
 
LVL 7

Expert Comment

by:ClintSwiney
ID: 12304740
One more thing....

First off thanks for the Points!!!!!

If you are using the server for E-mail you would do good to have your ISP add a reverse lookup entry for your server's WAN IP. This will help you when a SPAM weary server tries to do a reverse lookup on your IP and when it does not find one, reject your messages!!!!

Clint

0
 
LVL 15

Expert Comment

by:vico1
ID: 12308842
Good Suggestion!

Also check this link to make sure your server is not an SMTP open relay.

http://support.microsoft.com/default.aspx?kbid=324958&product=sbserv2003
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Have you ever set up your wireless router at home or in the office to find that you little pop-up bubble in the bottom right-hand corner of Windows read "IP Conflict - One of more computers on the network have been assigned the following IP address"…
The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now