• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 275
  • Last Modified:

Can connect to Windows 2000 VPN, but can do nothing else

My question is regarding a VPN connection that was working for the longest time, then just stopped working. I assume it might have been caused by a Windows update, but not sure. The only update recently applied was for a fix to the group policies.

Anyway, the way it's currently setup, is the router/firewall has the PPTP port open to a specific Windows 2000 server, which is setup with Routing and Remote Access Server.

Everything seems fine, as people can connect and get authenticated, but they can no longer access any other server/resource on the network except the RRAS server itself. They need to be able to get to servers other than the RRAS, which they used to be able to do so.

Any ideas? The Event Logs just have errors about DNS problems, but they've always been there.
0
mk553
Asked:
mk553
  • 3
  • 2
1 Solution
 
Rob WilliamsCommented:
Personally I am aware of no updates affecting PPTP VPN's (there are some for IPSec VPN's). However if you have DNS errors, have you tried connecting to the other devices by IP rather than by name, just as a test?
0
 
mk553Author Commented:
Thanks for the comment. No, I can't ping/connect to any other devices by IP address either.

Another odd thing, is if I try to ping the RRAS server locally by name, the IP address returned is the internal one the RRAS assigned to itself.

In the meantime, I've been trying to just create a new RRAS server on a different computer, but with worse results. Once enabled, the RRAS server seems to knock the computer off the network -- it seems to prevent any kind of routing (i.e., internet or local resources).

0
 
Rob WilliamsCommented:
Odd...

What error number do the users get when they try to connect, such as 721 ?
Does the RRAS server have 1 or 2 network adapters ?
On the new RRAS server there isn't and IP conflict with another device is there, DHCP or static ?
0
 
mk553Author Commented:
Well, I went ahead and created a new static pool of IP addresses, just to be on the safe side, but what *appears* to have fixed it was removing a windows KB Update. I noticed it was installed right about the time the trouble started.

To answer your questions though, for anyone else that might have been having the same trouble: no, the users could connect just fine -- they just couldn't ping/connect to anything once connected. The RRAS server would *only* allow people to log in on our PDC. I tried setting it up on other servers, but once enabled, those servers could no longer see the network, effectively breaking everything. So I had to disable those again. There's only 1 NIC in the PDC that finally works now.

Do you know why the RRAS server would cause such a problem on the non-PDC servers? Once I tried to ping the PDC or gateway, I would just get 'destination host unreachable'. Nothing else had changed though, so it was very confusing (and frustrating) to say the least. :-)

Thanks again for your help!
0
 
Rob WilliamsCommented:
Thanks mk553,

Which KB update was it? Would be good to keep an eye out for that as a potential problem.

As for the problem with RRAS, the only thought I had was it was assigning an IP that was causing a conflict. I have set it up on standalone servers before without a problem. You could also have an authentication problem if Active Directory or DNS were set up wrong but that didn't seem to be the case with your problem.

--Rob
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now