• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1143
  • Last Modified:

VPN connects but cannot access network resources

I have used the VPN config wizard to create a VPN connection to my SBS2003 server SP1.  I setup the VPN connection on the client machine using -Network Connections-Create New connection wizard on WXP clients.  The VPN connects, but I cannot ping the server by name or IP address.  To be sure aI am actuakky authenticating, when I am prompted for username, password and domain, I leave the password blank or enter the wrong one, and I am not allowed to connect.

Thinking it is a DNS or routing issue, I go to open Routing and Remote Access on the server, but get an error message:

MMC cannot open the file C:\windows\system32\rrasmgmt.msc.
This may be beacuse the file does not exist, is not an MMC console or was created by a later versionof MMC.  This may also be because you do not have sufficient access rights to the file.

And that is when I am logged on as domain admin.  If I right click and select run as to open the console and use my personal credentials (whis is in the administrators group) the console opens.  Once in there,  I can see the computer connected via VPN with a valid IP from the DHCP scope that the server uses, but I cannot pint it from the server either.

I am stumped by:
1) Why the VPN connects but cannot browse the network
2) Why the administrator cannot open the rras mmc, but my AD account can

Thanks for you help on these,

Omar W

0
oweathersby
Asked:
oweathersby
  • 3
  • 2
1 Solution
 
tomcahillCommented:
The VPN issue is probably because of the IP address.  If your remote PC has the same IP scheme as your host network you can have issues.  

Most home networks are 192.168.0.0 or 192.168.1.0, so are most SBS networks.  For this reason I normally setup my SBS networks as 10.0.0.0 and avoid the VPN problems.

That being said, with RWW do you really NEED to vpn in?  would it not be simpler, and faster to use RWW to connect to your desktop?

AS for the administrator account not being able to open rras mmc.  Definately a weird permissions thing.  Is the account you are using also in the Administrators group, or just domain admins?
0
 
oweathersbyAuthor Commented:
Hi Tomcahill,

I don't want to change the IP's on the network, though I only have one server and about 9 clients.  Would it help if I set up separate IP pools for local clients and VPN Clients?

And I have not used RWW before.

As for the administrator account, it is part of Administrators, Domsin Admins, Enterprise admins, Domain users, Group Policy Creator Owners, Mobile users, and Schema Admins

My AD account is in Domain Admins, Domina Users, Enterprise Admins, Mobile Users, Usage Report Users, and a local distribution group.
0
 
Erik BjersPrincipal Systems AdministratorCommented:
Your remote clients must have a different subnet before connecting to the VPN, once connected to the VPN they can be on the same network.

If the clients have the same IS subnet as the network behind the VPN then as tomcahill stated traffic will not flow.

Other things to look at include firewall configuration.

eb
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
oweathersbyAuthor Commented:
Changing the IP's corrected teh VPN issue.  Thank you.  Should I accept this as a solution and submit a separate question for the access to rras.mmc problem that I came across?

Thanks,

Omar
0
 
oweathersbyAuthor Commented:
Thank you
0
 
Erik BjersPrincipal Systems AdministratorCommented:
Glad you got it working

eb
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now