?
Solved

VPN and Windows 2000

Posted on 2005-03-09
16
Medium Priority
?
195 Views
Last Modified: 2010-04-14
I am using Windows 2000 Server as a VPN server through its routing and remote accesss.  I can connect to the VPN and access the Internet through the VPN but can not map to the server.  In fact I can not even ping the server.  However, I am still able to access the server (that is not on the VPN network) on my side.  I dont know how this works since I am connected to another network through VPN.  I know I am using the VPN network because when I do a tracert it orginates from the VPN network.  
0
Comment
Question by:cellophanecore
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 6
16 Comments
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13495633
>>>I can connect to the VPN and access the Internet through the VPN but can not map to the server
Its confusing...could you please explain it clearly?

Are you using DHCP or Static IP Address ?
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13495659
If you are using DHCP on the same server then Internal Interface must be configured for DHCP server to transfer IP Options to client machines. If you are using Static IP Addresses (a pool created on RRAS Server) then you should configure a Static Route back to VPN Server.

Also make sure NetBIOS over TCP/IP is enabled on Server. Enable IP Routing on IP Tab if you want clients to access network resources.

Let me know.

Thanks
0
 

Author Comment

by:cellophanecore
ID: 13506124
I found the problem, the 2 networks had to be on different subnets in order to route correctly.  I do not have NetBIOS installed, why did you think it needed to be?
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13506322
No when browsing shared resources....Browser Service collects informations about resources using NetBIOS Names and not domain names. That's the reason i said that :-)

Anyway you solved it.
0
 

Author Comment

by:cellophanecore
ID: 13506841
how do you install netbios on win2k, the only protocals I see to install are Appletalk, DLC, netbeui, and IPX
0
 
LVL 35

Accepted Solution

by:
Nirmal Sharma earned 2000 total points
ID: 13514412
>>>how do you install netbios on win2k, the only protocals I see to install are Appletalk, DLC, netbeui, and IPX

No, i have told you to enable NetBIOS session service over TCP/IP.
Please see this: -

 NetBIOS is an ancient session-level interface and transport protocol developed by IBM to network together PCs. It is a broadcast-based, non-routable and insecure protocol, and it scales poorly mostly because it was designed with a flat namespace. Since the late 1980s Microsoft has adopted NetBIOS for their LAN Manager product, and from there it found its way into early versions of Windows and all the way into Windows NT.

Since Windows 2000 however, DNS has become the default name resolution method for Windows-based networks and is required if you want to deploy Active Directory domains, as seen in the How to Install Active Directory on Windows 2000, Install and Configure Windows 2000 DNS Server to Prepare for AD and the How to Install Active Directory on Windows 2003 articles.

Although Windows 2000, Windows XP, and Windows Server 2003 provide for the ability to disable NetBIOS over TCP/IP (NetBT), many corporate networks will remain reluctant to do so because of the fact that most of them still have legacy (Windows 9x or Windows NT) machines on their network. These machines need NetBIOS to function properly on a network because they use NetBIOS to logon to domains, find one another, and establish sessions for accessing shared resources.

But for networks that are "free" of legacy systems you may want to consider disabling the NetBT transport altogether on all computers (it can be easily accomplished by using DHCP) or at least on critical file and print servers.

In order to disable NetBIOS over TCP/IPin Windows 2000/XP/2003 you should right-click on My Network Places and select Properties. Then right-click on the appropriate Local Area Connection icon, and select Properties.

Ref: -
http://www.petri.co.il/disable_netbios_in_w2k_xp_2003.htm

Thanks
0
 

Author Comment

by:cellophanecore
ID: 13522691
I followed the steps in http://techrepublic.com.com/5100-6268-1032135.html to setup a VPN.  VPN works fine but I keep getting an error in my system log, event ID: 4199.

The system detected an address conflict for IP address 23.233.136.10 with the system having network hardware address 00:12:15:39:20:D9. Network operations on this system may be disrupted as a result.

I followed this instruction:

"During installation, you should choose to statically assign IP addresses. You’ll need to set up one network card with a true Internet IP address and the default gateway of your Internet router. The other network card should have an IP address assigned to the local network, and it should not contain a default gateway. http://techrepublic.com.com/5100-6268-1032135.html"

Even though I did this, why would I be getting an error? the vpn works fine..
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13522969
>>>Even though I did this, why would I be getting an error? the vpn works fine..

Did you stop and restart RRAS service?
0
 

Author Comment

by:cellophanecore
ID: 13524233
yes
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13524258
>>>The system detected an address conflict for IP address 23.233.136.10 with the system having network hardware address 00:12:15:39:20:D9. Network operations on this system may be disrupted as a result.

You get this error...which client is assigned this IP Address ?
0
 

Author Comment

by:cellophanecore
ID: 13582396
23.233.136.10 is my WAN IP, no one is assigned to it but that NIC.
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13643278
Sorry for late response.

Did you solve the problem or we shall continue now?

Thanks
0
 

Author Comment

by:cellophanecore
ID: 13644634
I just took the nic out of the server, it seems you can run a vpn server with only 1 nic.  Is there a reason the article says you need 2?
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13696578
>>>Is there a reason the article says you need 2?

Which article says? Two NICs conflict only if your system is Master Browser and you have difficult browsing the network.

0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
The Summer 2017 Scholarship Winners have been announced!
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question