Solved

Site to Site VPN - Remote network XP machines can ping SBS Server at HQ but can't /connectcomputer

Posted on 2006-06-10
4
404 Views
Last Modified: 2010-04-19
Hi all,

I have a site to site VPN setup between a remote office (3 XP Pro boxes) and HQ (SBS Server, 8 XP Pro).  I happen to be using Zywall 5's, but I believe this problem is unrelated to the VPN Hardware.

HQ's network is: 10.112.12.x  (SBS Server is 10.112.12.10)
Remote network is: 10.112.14.x

The Zywall is handing out DHCP on the remote network - and is handing out DNS of 10.112.12.10.  The remote boxes can surf the web using the SBS DNS, but can't connect to companyweb or do /connectcomputer.  

For the solution to this issue, I have seen references to adding an IP route on the SBS box, but after an hour of googling - I'm asking for help on how to do that.  

I don't want to have each remote user (on the remote LAN) have to use the software VPN connector - I want them to be using a site to site VPN, so that they're not "remote users" but that they feel like they're on the network.  Also - I'd like the computers on the remote network to be accessible via RWW - which also necessitates the site to site VPN.

Thanks much!

Aaron Booker
0
Comment
Question by:hardlines
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16880501
connectcomputer will not run over a VPN connection by design.  The reason for this is that part of connectcomputer's function is to upgrade a workstation to the latest service pack as well as installing software as assigned to workstations.  This could be a lengthy process if it was done remotely, so they've disabled it's funcitonality.

There is a workaround posted at www.smallbizserver.net:  http://www.smallbizserver.net/Default.aspx?tabid=266&ArticleType=ArticleView&ArticleID=83&PageID=89

However, you can also create a VPN Tunnel (Router to Router) which would allow it as well, because then it doesn't know it's on a VPN.

If you want the remote computers accessible via RWW, then you will need to add a second Windows Server 2003 (standard edition) to your network as a domain controller at the remote location.  You can then actually tunnel from that server to the SBS for your VPN.  You should NOT have the Zywall providing DHCP on the remote network... DHCP does much more than just an IP Addresses... they should be getting their networking info from the SBS.

See http://sbsurl.com/multiserver for various solutions to your situation.

Jeff
TechSoEasy
0
 

Author Comment

by:hardlines
ID: 16894471
Jeff,

Problem is solved.  I added the subnet 10.112.14.0 to IIS for the default website.

(Thanks to Marina over on http://www.smallbizserver.net)
Properties of the Default Website, tab Directory Security, IP restrictions, add the remote subdomain.  

I recommend being careful not to restrict access to just the local and remote networks though - as then you'll lose access from home (like I did, by accident) when you implement the fix for the remote office! ;-)

I have a site to site VPN (Tunnel) in place between the two locations - but no companyweb and no /connectcomputer was driving me crazy, as the main office relies on Sharepoint.

Anyway, all solved.  Thanks for your response.

Aaron
0
 

Accepted Solution

by:
CetusMOD earned 0 total points
ID: 17582877
PAQed with points refunded (500)

CetusMOD
Community Support Moderator
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Written by Glen Knight (demazter) as part of a series of how-to articles. Introduction One of the biggest consumers of disk space with Small Business Server 2008(SBS) is Windows Server Update Services, more affectionately known as WSUS. For t…
I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question