Solved

Unable to connecto to local resources after connection to RV042 with Linksys QuickVPN client

Posted on 2006-07-10
6
438 Views
Last Modified: 2010-04-12
Experts,

Remote setup:  I'm on an xp pro pc with typical workgroup settings, 10.10.10.x network.

Office setup:  Windows 2000 server running AD, & 5 pc's on 192.168.1.x network.

I've configured a RV042 at the office and can VPN to it.  however I do not get a virtual tunnel between my pc and the router nor do I get an IP assigned to me from the office lan.  

So I'm totally confused.  I can ping the ip's on the lan I've connected to.  I can open windows explorer and connect to the windows 2000 server there and browse the files.  I just can't use XP's "remote desktop connection" utility to actually remote control the server or hosts there.


My local IP is 10.10.10.100, remote lan IP is 192.168.1.x
I get status from the linksys vpn client that I'm connected
I can ping the windows 2000 server and browse files with windows explorer.


any help would be appreciated.
0
Comment
Question by:sugarfreeless
  • 3
  • 3
6 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17080969
>>"can VPN to it.  however I do not get a virtual tunnel between my pc and the router "
Can you clarify, this sounds like a bit of a contradiction.

>>"nor do I get an IP assigned to me from the office lan"
You will not see an IP with the QuickVPN client

You must have a connection if you are able to ping the remote computers. As a test make sure the Windows, or any other software firewall, has been disabled on the PC to which you are trying to connect. The Windows firewall by default, if configured for Remote desktop, only allows connections from the local network. That can be re-configured under scope options of the firewall exceptions tab, but best to disable for now.
Can you connect locally using remote desktop? Verify that first so you know it is working.

When connecting to devices, you may not be able to connect by name (for now) so try connecting by IP, whether remote desktop, or shares (such as  \\192.168.168.1.123\ShareName

Just food for thought: there is no problem with your current IP configuration but the subnets at either end of the office need to be different, they are here, but if you plan to be mobile it is possible you may run into conflicts with the office being 192.168.1.x, where it is extremely common. If possible, I would change the office at some point.

0
 
LVL 3

Author Comment

by:sugarfreeless
ID: 17087190
RobWill,

Ok, it seemed like a condradiction that I would be connectected to the remote router and not have an IP assigned to me from that lan.  I definately understood that there was a connection I've just not seen vpn technology used this way and it really threw me.

I have been attempting to connect to the w2k server with remote desktop and a local desktop with no avail.  I suppose there is something blocking me such as remote desktop not being configured like you suggested.

So this isn't something much worse like becuase I'm not part of the domain I wont be able to use network resources, right, God I hope not!
0
 
LVL 3

Author Comment

by:sugarfreeless
ID: 17087194
Also any pointers on how to change the IP of a windows 2000 server would be appreciated.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 17092259
>>"I've just not seen vpn technology used this way and it really threw me."
There are many oddities with different VPN clients.

>>"I suppose there is something blocking me such as remote desktop not being configured like you suggested."
Make sure remote desktop works locally first. I posted a check list below you might want to run through.

>>"So this isn't something much worse like because I'm not part of the domain I wont be able to use network resources"
The computer doesn't need to be part of the domain but you will need a domain user account to access resources.

>>"Also any pointers on how to change the IP of a windows 2000 server "
Changing the IP of a 2000 server shouldn't be too bad, but I would recommend posting a specific question for that in the server forum in case there are any catches. You need to change the IP on the network adapter and then clean up DNS, but best way to do that may be to run the DNS configuration wizard. On the other hand if you have SBS 2000 it can be a real pain and I would avoid it. It affects a lot of other services.

Remote desktop check list:
1-try connecting using the IP of the remote computer not the computer name
2-"allow users to connect remotely to this computer" must be enabled
3-you must be a member of the remote desktop users group (administrators are by default)
4-if the workstation is a member of a server 2000/2003 domain you will have one of the 2 following check boxes, depending on the version, on the "Terminal Services Profile" of the users profile in Active Directory. Make sure it is checked appropriately. "Deny the user permission to log on to any terminal server", or "Allow Logon to Terminal Server"
5-if XP SP2 or Server 2003 SP1 the firewall needs to be configured to allow remote connections ( I would disable for now for troubleshooting purposes)
6-make sure any other software firewalls are disabled as well (for test purposes), including Internet security suites. Symantec's sometimes needs to be un-installed or if using Symantec Antivirus some versions have "Internet Worm Protection" which can block Remote Desktop. Try disabling that as well.
7-Verify the Remote Desktop User group has the rights to log on using Terminal Services.  Go to Control Panel | Administrative tools | Local Security Policy | Local Policies | User Rights Assignments ...make sure Remote Desktop Users is included in "allow logon through Terminal Services"  
8-The terminal Services service must be running
If you have access to the remote machine make sure it is "listening" for your connection. To do so at a command line enter (substitute port # if not using default 3389):
  netstat  -an  |find  "3389"
You should get the following result:
TCP   0.0.0.0:3389    0.0.0.0:0    listening
If not go to Start  | Run | services.msc and see if Terminal Services is started and set to automatic
9- Note also; only runs on XPpro, not XPhome






0
 
LVL 3

Author Comment

by:sugarfreeless
ID: 17111221
update.

It appears that I was connected the whole time.

Here is where everything when wrong.

The pc I was attempting to remote desktop to is windows a XP HOME computer!  ARG!!!

the server didn't have terminal services installed or running.

Once I configured the server and other computers on the network all was fine except for the system I needed access to the whole time.  Becuase it is running XP HOME!!!

I discovered I could connect to the server and other pc's just fine.  Only that pc was not working.

So all your help is appreciated but I figured it out.  I will however give points to robwill for the awesome check list.  Thanks Rob...
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17111249
#9- Note also; only runs on XPpro, not XPhome  :-)

Glad to hear you were able to get it working.
Thanks very much. Enjoy your week end.
--Rob
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now