We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now

x

SBS 2003 setting up simple VPN

twanlass
twanlass asked
on
Medium Priority
39,172 Views
Last Modified: 2011-08-18
I have just setup a new SBS 2003 server. I have the domain running (all users in the office can connect / login, share files etc), Remote Web Workplace is working as well as Remote Desktop.

I need to have one employee access the network remotely so she may use a shared Act! database. She DOES not have a computer in the office however. Is setting up a VPN the only way to give her access, or can I use Remote Web Workplace? If not, how can I setup a simple VPN? I have a static IP and only one NIC. I am running a Linksys VPN router (WRV54G maybe?) and using a NETOPIA 3000 ADSL modem.

Thanks guys!
Comment
Watch Question

Author

Commented:
Update: I have created a new connection (VPN) on my external XP box. I also connected to the Remote Workplace and downloaded the connection manager. When connection with both I get the same error, 628. They both connect and then hang when verifying my password.

Commented:
Verify that The problem is not The router bloking the GRE Protocol.
In order for VPN to work. Port 1723 and GRE protocol must be enable.

vico1!

Author

Commented:
I opened port 1723 as well as port 47 (yes, I know, GRE is a protocol, not a port) but there are no options relating to GRE.
You would think a VPN router would allow passthrough on that anyway. I have PPTP and IPSec pathrough on as well.
Still getting the same error. Could any of this be done just using Remote Web Workplace?

-Tyler

Commented:
You need to use a different router
the router is your problem;
check the following link:
http://www.pcsympathy.com/printout375.html
vico1

Author

Commented:
Vico1,

the link provided has nothing to do with the router I have installed - the on currently in place is the WRV54G - not the WRT54G.

Anyone else have any suggestions?

-Tyler

Commented:
May be you didn't read the entire article. The idea was to show you that incompatible routers are often a problem for VPN, I could give you  hundreds of links in the internet with people having problem With GRE Protocol.

I use to have this issue my self, and the way I fixed it was by replacing the router.
However there are intances where the router is not at fault.
and for you to know, you need to bypass the router all together or try a different router.

Good luck!

Author

Commented:
So then the question is would I have this problem if I used something lke GoToMyPC? Or PCAnywhere? It seems strange that they would offer a 'VPN' router that doesnt do a VPN all that well. It looks like I would have to buy thier QuickVPN client as well, just to use the product I already purchased.

-Tyler
Commented:
No, GRE Protocol was not a problem with Win 2k RAS  until SP3 and also became a problem with win2k3.
Most linksys routers have the firmware updrage for this particular problem.
It is really up to you. Most time that I have been in this situation It was easier for me to actually buy a router ($89 to $139), since most of these clients use Linksys or netgear. All new linksys routers work fine with VPN.
Chances are a firmaware is available for yours.

I think the link below show how to solve it in your router.

Read this link. Please read it
http://www.linksysinfo.org/modules.php?name=Forums&file=printview&t=2986&start=0
or
http://www.linksysinfo.org/modules.php?name=Forums&file=viewtopic&t=2986&start=0&postdays=0&postorder=asc&highlight=

Good luck!

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
Ok, so now I'm feeling kinda dumb... wel sorta. I hacked the router's config file and setup a GRE protocol. I then logged into Remote Web Workplace from home, downloaded the SBS 2003 Vpn connection manager and actually connected. Damn, that was a lot of work. So now that I'm connected, how the hell do I access network shares and files, etc? Dumb question? Am I missing something?

Hope someone can help - I'm so close!

-Tyler

Commented:
Same way you acces it if you where on the local network:
example \\SBSserver\sharedfolder

Author

Commented:
I tried that to begin with. Thinking that netbios might not be doing its job I also tried it by IP, however that is when I noticed a problem. The server on the external network, the VPN I'm connecting to, has a static internal IP of 192.168.1.2. My machine at home has the same IP. I tried to change mine to something else, but still couldnt get anything to work. If my own network and the business network are using the same ip scheme / mask / subnet, how does it differentiate?

Any ideas? Points keep going up!

-Tyler

Commented:
Why don't you use a different network at home
like 192.168.0.0 or 192.168.2.0
That would solve your problem.

vico1
Jeffrey Kane - TechSoEasyPrincipal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014

Commented:
This is why the recommended default IP LATA for SBS is 192.168.16.x  It doesn't conflict with user's home routers this way.

If you are only having the one person use the VPN connection then you will just have to make sure that they also don't conflict with the 192.168.1.x LATA.

Just to clarify your earlier question of, "So then the question is would I have this problem if I used something lke GoToMyPC? Or PCAnywhere?"  This would be the same as RWW --- needing a workstation in the office for your remote user to access.  The only alternative to the VPN would be a separate Terminal Server... but that seems rather much for just one user.  You would be better off adding an extra workstation in the office for the remote user to connect to.

By the way, adding this extra workstation is generally a good idea.  I recommend that all my clients have an extra workstation that is available should one of their's have a problem so that there is no down time for the user.  We usually keep this workstation in the closet right next to the server -- connected to the LAN and running just for the reason your problem requires.

Jeff
TechSoEasy

Author

Commented:
Jeff,

I have an extra workstation in office for just that reason. I did'nt want to tie it up however in the event that someone needed it. It also seems kinda counter productive to have a remote user (who is almost always remote) working on two machines. Your IP scheme makes senses, and logging into the VPN from another office worked just fine.

Would changing the IP scheme be difficult? Where on the server would I do that (the SBS 2003 box serves as DNS and DHCP)?

-Tyler
Principal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014
Commented:
If you want to change the server IP address, you would run the Change IP Address wizard (I know... obvious if you knew about it).  It's in Internet & Email section of the Server Management Console.  It's not always 100% successful however, but be sure that you run the Configure Email and Internet Connection Wizard as well as the Remote Access Wizard after you've changed the IP.

An alternative possibility would be to use Virtual PC to add a PC instance on your spare that could be used remotely.

Jeff
TechSoEasy

Author

Commented:
Its working awesome! Thanks guys!
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.