mstep3
asked on
Anyone know of good online information for setting up VPN Access to SBS Server 2003.
Hi,
Does anyone know of any good online articles & troubleshooting information for setting up VPN access to Windows Small Business Server 2003. Having a few difficulties setting up VPN access to Small Business Server 2003 using SMC Broadband Router/Firewall. Thanks for any helpful information you may be able to provide.
Thanks,
Mike
Does anyone know of any good online articles & troubleshooting information for setting up VPN access to Windows Small Business Server 2003. Having a few difficulties setting up VPN access to Small Business Server 2003 using SMC Broadband Router/Firewall. Thanks for any helpful information you may be able to provide.
Thanks,
Mike
ASKER
Hi,
I've read through many of the articles and tried many of the suggestions but my configuration still does not seem to be working correct.
I am running SBS 2003 with dual nic configuration and an SMC broadband modem/router/firewall for my internet connection. I've got the router/firewall set up to forward incoming requests on port 1723 to the IP address of the External Nic on the SBS Server using port forwarding. Is this the correct thing to do to get the request to the Server or should I be using something else?
Thanks,
Mike
I've read through many of the articles and tried many of the suggestions but my configuration still does not seem to be working correct.
I am running SBS 2003 with dual nic configuration and an SMC broadband modem/router/firewall for my internet connection. I've got the router/firewall set up to forward incoming requests on port 1723 to the IP address of the External Nic on the SBS Server using port forwarding. Is this the correct thing to do to get the request to the Server or should I be using something else?
Thanks,
Mike
That sounds correct, but you also need GRE Protocol 47 enabled on the router. Generally this is called PPTP Passthrough.
Outside of that, see http://sbsurl.com/vpn for the visual how-to for running the Remote Access Configuration Wizard.
If you are still having problems, you need to specify the exact error message you're getting in order for us to understand what the problem is.
Jeff
TechSoEasy
Outside of that, see http://sbsurl.com/vpn for the visual how-to for running the Remote Access Configuration Wizard.
If you are still having problems, you need to specify the exact error message you're getting in order for us to understand what the problem is.
Jeff
TechSoEasy
ASKER
Hi,
Right now when I try to connect I am getting an
Error 691: Access was denied because the username and/or password was invalid on the domain.
I started using Remote Web Workplace because I couldn't get VPN connection.
I am a little confused because I am not even sure on my firewall/router how to enable PPTP (GRE 47 Protocol). The router is an SMC Comcast Business Broadband Router. The only section I have that pertains to PPTP is a section under VPN that I can add users for PPTP/L2TP Connection. Is there anything specific that I should look for to allow GRE or is this probably it.
I'm certain that the user I'm logging in with is correct and is under Mobile Users Group. Thanks for the help.
Mike
Right now when I try to connect I am getting an
Error 691: Access was denied because the username and/or password was invalid on the domain.
I started using Remote Web Workplace because I couldn't get VPN connection.
I am a little confused because I am not even sure on my firewall/router how to enable PPTP (GRE 47 Protocol). The router is an SMC Comcast Business Broadband Router. The only section I have that pertains to PPTP is a section under VPN that I can add users for PPTP/L2TP Connection. Is there anything specific that I should look for to allow GRE or is this probably it.
I'm certain that the user I'm logging in with is correct and is under Mobile Users Group. Thanks for the help.
Mike
Well, even though you didn't provide the make/model of your router, that's not actually the problem here...
If you're getting Error 691, then most likely you ARE getting through to the SBS's VPN Authorization, but you might still have things misconfigured.
Are you using the Small Business Connection Manager VPN Client (Downloaded from the RWW Main Menu)?
Or did you create the VPN Connection manually? If you did that, then see these troubleshooting steps:
http://www.howtonetworking.com/casestudy/vpnerror691.htm
Jeff
TechSoEasy
If you're getting Error 691, then most likely you ARE getting through to the SBS's VPN Authorization, but you might still have things misconfigured.
Are you using the Small Business Connection Manager VPN Client (Downloaded from the RWW Main Menu)?
Or did you create the VPN Connection manually? If you did that, then see these troubleshooting steps:
http://www.howtonetworking.com/casestudy/vpnerror691.htm
Jeff
TechSoEasy
FYI, VPN's are normally only used for laptops which are members of the domain.
RWW is a better solution for those people who have desktop workstations in the office.
Jeff
TechSoEasy
RWW is a better solution for those people who have desktop workstations in the office.
Jeff
TechSoEasy
ASKER
Hello,
Thanks for the links. I did go through them and verify that I had the VPN connections set up properly.
I actually have tried setting up the VPN connection manually and also I have downloaded the Connection Manger using the RWW Main Page. When I try to connect outisde my office from home they both give the same error 691: 'Access was denied because the username and/or password was invalid on the domain'. I'm stumped on it right now, not sure what's wrong.
It's not really necessecary for me to be able to VPN, I guess I'm basically just wanting to make it work. I am able to do everything I need to do using Remote Web Workplace.
Thanks for your help and suggestions.
Mike
Thanks for the links. I did go through them and verify that I had the VPN connections set up properly.
I actually have tried setting up the VPN connection manually and also I have downloaded the Connection Manger using the RWW Main Page. When I try to connect outisde my office from home they both give the same error 691: 'Access was denied because the username and/or password was invalid on the domain'. I'm stumped on it right now, not sure what's wrong.
It's not really necessecary for me to be able to VPN, I guess I'm basically just wanting to make it work. I am able to do everything I need to do using Remote Web Workplace.
Thanks for your help and suggestions.
Mike
And what happens if you try to connect from INSIDE your office?
Also, what is the OS on the computer you are connecting from? Is it a domain-joined laptop? Or your home computer?
Jeff
TechSoEasy
Also, what is the OS on the computer you are connecting from? Is it a domain-joined laptop? Or your home computer?
Jeff
TechSoEasy
ASKER
Hi,
It does authenticate and I can connect from within the network when I set up a VPN connection manually and it's using Windows XP Home. I am not able to authenticate when I try to connect outside my network.
I know I can't configure it on the domain cause it's XP Home, but if the laptop has not been added to the domain using the connect client computer wizard is it not possible to connect to my network through VPN connection?
Thanks,
Mike
It does authenticate and I can connect from within the network when I set up a VPN connection manually and it's using Windows XP Home. I am not able to authenticate when I try to connect outside my network.
I know I can't configure it on the domain cause it's XP Home, but if the laptop has not been added to the domain using the connect client computer wizard is it not possible to connect to my network through VPN connection?
Thanks,
Mike
Are those two separate issues? Or are you using this same laptop at home as well?
Jeff
TechSoEasy
Jeff
TechSoEasy
ASKER
Yes, I am using the same laptop at home as well as at work. I am able to set up a VPN connection and connect to the server at work but I can't get it to authenticate when I try to access from outside the network.
Thanks,
Mike
Thanks,
Mike
Please provide a COMPLETE ipconfig /all from your SBS.
Also, have you tested "outside the network" from various locations? or just from home?
Jeff
TechSoEasy
Also, have you tested "outside the network" from various locations? or just from home?
Jeff
TechSoEasy
ASKER
Hello,
No, I haven't tried connecting from any other locations yet, only from home. I do have a hardware firewall at home too so I don't know if that might be affecting it. It does seem to try to authenticate though so I don't think anything is getting blocked.
Thanks,
Mike
Windows IP Configuration
Host Name . . . . . . . . . . . . : scs-server
Primary Dns Suffix . . . . . . . : SCS.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : SCS.local
Ethernet adapter Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/100 S Server Adapter
Physical Address. . . . . . . . . : 00-1B-21-00-CD-A5
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.1.10.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.10.1
DNS Servers . . . . . . . . . . . : 192.168.10.2
Primary WINS Server . . . . . . . : 192.168.10.2
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7760 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-0B-CD-CF-DD-0E
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.10.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.10.2
Primary WINS Server . . . . . . . : 192.168.10.2
No, I haven't tried connecting from any other locations yet, only from home. I do have a hardware firewall at home too so I don't know if that might be affecting it. It does seem to try to authenticate though so I don't think anything is getting blocked.
Thanks,
Mike
Windows IP Configuration
Host Name . . . . . . . . . . . . : scs-server
Primary Dns Suffix . . . . . . . : SCS.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : SCS.local
Ethernet adapter Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/100 S Server Adapter
Physical Address. . . . . . . . . : 00-1B-21-00-CD-A5
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.1.10.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.10.1
DNS Servers . . . . . . . . . . . : 192.168.10.2
Primary WINS Server . . . . . . . : 192.168.10.2
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7760 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-0B-CD-CF-DD-0E
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.10.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.10.2
Primary WINS Server . . . . . . . : 192.168.10.2
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hello,
Thank you for your time and help. We have decided to use RWW rather than setting up VPN connections. It seems much more secure and has much more functionality than using VPN connection. I appreciate all your help.
Mike
Thank you for your time and help. We have decided to use RWW rather than setting up VPN connections. It seems much more secure and has much more functionality than using VPN connection. I appreciate all your help.
Mike
and
http://www.smallbizserver.net/