rabi9634
asked on
VPN using AOL for Broadband
Alright, here's a problem we've been having that's definitely been a hair pulling experience.
Company is based in Detroit, MI (USA). Home user is based in London, England (UK). We have a number of users using their home internet and vpn to join into the network here. Our London user would like to be able to do the same.
He is using Windows XP Professional (SP1), and connecting through SecuRemote.
Here's where the problems start up. His broadband account only allows internet access when he actually signs in through the aol front end. Once signed in, he can use Internet Explorer, ping, etc. When not signed in, IE does not return his home page, and ping faults out.
When he is connected, he can connect to the network (partially) with the VPN client. He is able to ping our mail server, but he is not able to connect through Lotus Notes to his mail file. This is a must.
Are there any known problems with AOL that would prohibit him from using the Notes client through VPN to get his company email?
Company is based in Detroit, MI (USA). Home user is based in London, England (UK). We have a number of users using their home internet and vpn to join into the network here. Our London user would like to be able to do the same.
He is using Windows XP Professional (SP1), and connecting through SecuRemote.
Here's where the problems start up. His broadband account only allows internet access when he actually signs in through the aol front end. Once signed in, he can use Internet Explorer, ping, etc. When not signed in, IE does not return his home page, and ping faults out.
When he is connected, he can connect to the network (partially) with the VPN client. He is able to ping our mail server, but he is not able to connect through Lotus Notes to his mail file. This is a must.
Are there any known problems with AOL that would prohibit him from using the Notes client through VPN to get his company email?
Les Moore
None that I'm aware of. If the user can actually create the VPN connection through the AOL service, then AOL can't see anthing within the encrypted stream, therefore they can't block anything. It sounds like a name resolution issue with conflicting DNS entries in the client, with maybe the AOL dns entries taking precidence over the VPN client's dns entries. Suggest creating a local hosts file on the user's PC with the mail server IP address.
ASKER
Would you be able to walk me through doing this? I've never played around much with local hosts files.
He's using a Dell laptop running XP Pro SP2.
He's using a Dell laptop running XP Pro SP2.
Here's some good guides on hosts and lmhosts files..
--------------------------
LMHOSTS
http://support.microsoft.com/default.aspx?scid=kb;en-us;314884
http://www.realcomputerguy.com/lmhosts.htm
http://www.labmice.net/networking/lmhosts.htm
How to Write an LMHOSTS File for Domain Validation and Other Name Resolution Issues
http://support.microsoft.com/support/kb/articles/Q180/0/94.ASP
HOSTS:
http://mvps.org/winhelp2002/hosts.htm
--------------------------
LMHOSTS
http://support.microsoft.com/default.aspx?scid=kb;en-us;314884
http://www.realcomputerguy.com/lmhosts.htm
http://www.labmice.net/networking/lmhosts.htm
How to Write an LMHOSTS File for Domain Validation and Other Name Resolution Issues
http://support.microsoft.com/support/kb/articles/Q180/0/94.ASP
HOSTS:
http://mvps.org/winhelp2002/hosts.htm
ASKER
Ok, more updates:
I've gone through disabling the firewall for XP, and the free McAfee one that comes with AOL for Broadband. Neither of them are running. The user can successfully authenticate through the SecuRemote VPN client.
If we try to open up Lotus Notes, it fails.. saying that the path to the server is not found.
He is able to ping the server by its IP address. He is not, however, able to access files through windows (ie, \\server\share\)
Any new suggestions?
(Hosts file did not make any difference)
I've gone through disabling the firewall for XP, and the free McAfee one that comes with AOL for Broadband. Neither of them are running. The user can successfully authenticate through the SecuRemote VPN client.
If we try to open up Lotus Notes, it fails.. saying that the path to the server is not found.
He is able to ping the server by its IP address. He is not, however, able to access files through windows (ie, \\server\share\)
Any new suggestions?
(Hosts file did not make any difference)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Somehow I don't belive this has anything to do with name resolution. The LMHOSTS file didn't seem to change it either.
Lotus Notes has the option of connecting to the server by name or by IP. I've been going off the IP. Still no go.
Lotus Notes has the option of connecting to the server by name or by IP. I've been going off the IP. Still no go.
Dial-up integration with Connect Mode is not supported with AT&T and AOL dialers. Dial-up integration can be achieved using the Command Line Interface.
If you are using AOL dialer from outside the USA, please select an access point that supports AOLnet connections, and avoid GlobalNet connections. The type of connection, by geographical location, can be viewed at http://intlaccess.web.aol.com/ . You can browse to this location by selecting the "Access" keyword in your AOL browser.If such an access point is not available, you may need to reduce the MTU to 800 beforeusing SecureRemote/SecureClient (using MtuAdjust.exe located in SecureRemote/SecureClient \bin directory
If you are using AOL dialer from outside the USA, please select an access point that supports AOLnet connections, and avoid GlobalNet connections. The type of connection, by geographical location, can be viewed at http://intlaccess.web.aol.com/ . You can browse to this location by selecting the "Access" keyword in your AOL browser.If such an access point is not available, you may need to reduce the MTU to 800 beforeusing SecureRemote/SecureClient (using MtuAdjust.exe located in SecureRemote/SecureClient \bin directory
ASKER
He's on AOL Broadband, so there is no access number.
To test to see whether the problem was AOL specific, we tried using Qwest Business Dialup. Qwest is also able to connect to the internet with no problems, and the VPN acknowledges that the security policy is updated when he logs in through it. We're still getting the same problem when trying to open up Lotus Notes while the VPN is running. It is possible to ping the address of the server, but it isn't possible to connect through to Notes. The "Server not found" message comes up.
I don't see how name resolution has anything do do with this bc of previous attempts to define the Notes server by name and IP.
To test to see whether the problem was AOL specific, we tried using Qwest Business Dialup. Qwest is also able to connect to the internet with no problems, and the VPN acknowledges that the security policy is updated when he logs in through it. We're still getting the same problem when trying to open up Lotus Notes while the VPN is running. It is possible to ping the address of the server, but it isn't possible to connect through to Notes. The "Server not found" message comes up.
I don't see how name resolution has anything do do with this bc of previous attempts to define the Notes server by name and IP.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
PROBLEM RESOLVED!
Several more users had the same problem. Some were new accounts, others had been working for years.
For some reason, our firewall began blocking VPN traffic for select individuals. Somewhat strange considering the set of accounts it affected. I can't believe we didn't catch this sooner. Once we corrected the policy back to the way it was originally set for them, it cleared everything up.
I'm splitting points between you two for tryin to stick with this and figure something out. Thanks for the effort.
Several more users had the same problem. Some were new accounts, others had been working for years.
For some reason, our firewall began blocking VPN traffic for select individuals. Somewhat strange considering the set of accounts it affected. I can't believe we didn't catch this sooner. Once we corrected the policy back to the way it was originally set for them, it cleared everything up.
I'm splitting points between you two for tryin to stick with this and figure something out. Thanks for the effort.
hi rabi9634 thanks for the points and glad to have helped :)