?
Solved

dns via vpn pptp

Posted on 2006-04-20
15
Medium Priority
?
385 Views
Last Modified: 2012-08-13
I have configured the users to use vpn client to sbs server from remote office.  They a block of ip's are given to those users, but the netbui is not coming acrosss nor registering in dns, any clues as to what to do for this?

0
Comment
Question by:c3podatacomm
  • 7
  • 6
13 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16505608
Can you please be more specific about your problem?  What routers are you using, for instance?  What errors are displayed by the VPN client?

Jeff
TechSoEasy
0
 

Author Comment

by:c3podatacomm
ID: 16509659
sonicwall router firewalls.  the client connects properly, but from the primary network, we are unable to remote desktop back.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16511453
So, you are trying to use RDP to view a remote user's desktop connected via SBS's VPN client, correct?

If you have configured your SBS according to best practices, and have used both the Configure Email and Internet Connection Wizard (Connect to the Internet link in Server Management Console > Internet and Email) AND the Configure Remote Access Wizard, then SBS will create a reserved block of VPN IP's in your DHCP scope.

To view these IP's open the DHCP Manager > Scope > Address Leases.  If you have installed Service Pack 1, you will see 7 IP's that are attributed to RAS.  (Without SP1, there are 10).  5 of these are designated for PPTP.  If you need more than that you need to increase the number in RRAS Manager > Ports.

If you provide an IPCONFIG /ALL from your server that will help in further diagnosing your problem.

Jeff
TechSoEasy
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:c3podatacomm
ID: 16538261
after looking into this further.  dns is registering the users local ip address and not the rras address given to the client computer.  How can I correct this?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16540057
Please post the IPCONFIG /ALL as requested.

If you can also provide one from the user's machine as well that would help.

Jeff
TechSoEasy
0
 

Author Comment

by:c3podatacomm
ID: 16540082
Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connecti
on
        Physical Address. . . . . . . . . : 00-11-D8-04-5E-62
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.2.75
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.2.254
        DNS Servers . . . . . . . . . . . : 192.168.1.61
                                            4.2.2.1
                                            4.2.2.2
        Primary WINS Server . . . . . . . : 192.168.1.61

PPP adapter dlg.local:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
        Physical Address. . . . . . . . . : 00-53-45-00-00-00
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.1.86
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . : 192.168.1.86
        DNS Servers . . . . . . . . . . . : 192.168.1.61
        Primary WINS Server . . . . . . . : 192.168.1.61
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16540278
Is this from the client workstation??

I certainly hope it's not from the server.


Jeff
TechSoEasy
0
 

Author Comment

by:c3podatacomm
ID: 16540361
yes client
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16540660
can you please post the one from the server?
0
 

Author Comment

by:c3podatacomm
ID: 16541107
Windows IP Configuration

   Host Name . . . . . . . . . . . . : DLG-SBS
   Primary Dns Suffix  . . . . . . . : dlg.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : dlg.local

PPP adapter RAS Server (Dial In) Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
   Physical Address. . . . . . . . . : 00-53-45-00-00-00
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.80
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter NIC #2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection #
2
   Physical Address. . . . . . . . . : 00-14-22-79-30-DC
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.62
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.254
   DNS Servers . . . . . . . . . . . : 192.168.1.61
   Primary WINS Server . . . . . . . : 192.168.1.61

Ethernet adapter NIC #1:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-14-22-79-30-DB
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.61
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.254
   DNS Servers . . . . . . . . . . . : 192.168.1.61
   Primary WINS Server . . . . . . . : 192.168.1.61
   NetBIOS over Tcpip. . . . . . . . : Disabled
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16542340
Ah... this is what I suspected... you have the same IP Subnet assigned to both your internal and external NICs.  Not only that, but you have designated the EXTERNAL NIC as your DNS server, while it actually should be the internal.  It is also recommended that you use IP Subnets that will not conflict with ones used by popular routers that users may have at home (such as 192.168.1.x or 192.168.100.x, 192.168.0.x).  The recommended internal IP address for SBS is 192.168.16.2 and I generally use 192.168.200.x for the external NIC (there are others that would use an entirely different range such as 10.0.0.x).  

See the example of this configuration here:  http://sbsurl.com/twonics

You'll have to decide whether to change one or both of these ranges.  If you change the Internal IP, you need to use the Change Server IP Address wizard found in the Internet & Email section of the Server Control Panel.  Changing the External IP will require modifying the configuration in your router.  I recommend changing both, but if you are going to change the INTERNAL IP address you must wait until you've gotten the rest of these changes made beforehand (Which means that you would make the changes with the 192.168.1.62 IP for the time being and then after everything is working properly, you can run the Change Server IP address wizard).

These are the additional items which need to be corrected:

1. There should be no Gateway entry on the INTERNAL NIC, so you need to remove that (it should remain blank).

2.  The DNS Server listed on both NICS should be the IP address of your INTERNAL NIC.

3.  The WINS IP Address should be that of your INTERNAL NIC, and it should only be listed on the Internal NIC, not the External one.  

4.  By the looks of the names of your NICs it's possible that their binding order is incorrect.  Open up Network Connections > Advanced > Advanced Settings... and make sure that the Internal NIC is first (you can rename these to Internal NIC and External NIC if you want to make them easier to identify).

Before you make any of these changes you should disconnect all workstations from your server (I'm assuming you have a switch on the internal side, just unplug all of them from the switch).  Then, after you've made the changes, you MUST rerun the Configure Email and Internet Connection Wizard.  It is here that you will insert your ISP's DNS Server IPs so that they get automatically entered as your forwarders in your DNS.  Follow that with the Configure Remote Access Wizard to reconfigure your DNS settings.

After you've determined that everything is working INTERNALLY without errors, you can try connecting to the VPN from within your LAN just to make sure that it's configured right.  This removes any possibility of a problem caused by incorrect configuration on the SonicWall routers, because they can be somewhat difficult to configure and you want to make sure that the SBS LAN is in good shape before ventureing outwards.

Plesase complete the above and let me know how it turns out.  You can then decide whether you want to use the SonicWall's to create a VPN tunnel, or if you want the remote machines to just connect directly to the SBS as the VPN endpoint.

Jeff
TechSoEasy


0
 

Author Comment

by:c3podatacomm
ID: 16545405
Jeff

This was teamed.   These addresses are both internal.  There is nat being performed on the Sonicwall.

nic 2 is not connected.
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 2000 total points
ID: 16548723
Why do you have teamed NICS?  how much traffic is there?  Teamed NICS are not recommended on an SBS.  It doesn't like it... and the wizards are not capable of adjusting for it.  Which means that whenever you change something you would have to manually configure about 30 settings just to keep everything running smoothly because of the interdependencies of SBS's components.

I'd recommend that you don't keep it configured that way.

Jeff
TechSoEasy
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The problem of the system drive in SBS 2003 getting full continues to be an issue, even though SBS 2008 and SBS 2011 are both in the market place.  There are several solutions to this, including adding additional drive space or using third party uti…
The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
The Relationships Diagram is a good way to get an overall view of what a database is keeping track of. It is also where relationships are defined. A relationship specifies how two tables connect to each other. As you build tables in Microsoft Ac…

616 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question