• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 200
  • Last Modified:

Can't connect to Terminal Server over VPN from Windows 2000 clients, Only XP Professional

We have 2 servers. One is the PDC running SBS 2000 Server and the 2nd is a BDC setup as a VPN/Terminal Server.

The VPN server has only one network card and we are passing port 1723 through a 3com Officeconnect Firewall to the internal IP address of the VPN server.

Any remote client CAN successfully connect and authenticate to the VPN Server regardless of OS.

The problem is that only XP Professional remote pc's can connect to the VPN/TS via it's internal ip address. Windows 2000 Professional clients cannot connect to the Terminal Server and also cannot ping it by IP address.

Since Terminal Services and VPN Services are setup properly, what is different between Win 2000 Pro and XP Pro which is preventing some clients from hitting the TS.

I have tried 2 different Win 2000 Pro clients on different remote networks and neither can ping the TS while an XP Pro client on the same remote network has no problem whatsoever. I have setup all pc's to use the default gateway setting in the VPN client.
0
amkbailey
Asked:
amkbailey
  • 2
  • 2
  • 2
1 Solution
 
Big5250Commented:
Before we try troubleshooting, how many remote clients are at this particular site?
0
 
dlwyatt82Commented:
I answered a question very similar to this a month or so ago... the problem turned out to be that on both sides of the VPN (in the office and on the home network), the connections were going through a cable router, and the cable routers were both set up to use the same private subnet address (192.168.1.*).

Is this how you have your network set up by any chance? If so, change the subnet you're using on one side or the other of the VPN so they're not identical anymore, and your routing problems will clear up.
0
 
amkbaileyAuthor Commented:
There will be 4 remote sites with about 5 pc's at each site.

Corporate has about 20 pc's.


0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
amkbaileyAuthor Commented:
Yes all remote sites have the same subnet address as corporate but what is odd is that XP Pro handles the routing fine.

Is this an improvement in XP that allows it to work properly versus Win 2000 Professional?
0
 
dlwyatt82Commented:
No, it's just a slight difference in which network adapter gets listed in the routing tables for your 192.168.1. whatever subnet. You'll find that on the XP systems, you can't ping anything LOCAL while you're connected to the VPN... you can only connect to systems on the remote network. Windows 2000 does the opposite, but neither can really be considered a "bug" or "improvement" since it's a faulty IP network design that is the root of the problem.
0
 
Big5250Commented:
If feasible you may want  to look at having each remote being a Lan-Lan connection instead of Client to lan.  That way you only have to worry about one connection from each remote, instead of 30 clients.

You may want to consider setting up seperate IP segments for each remote site to help the segmentation of your network for easier admin.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 2
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now