VPN connects but cannot access network resources
I have used the VPN config wizard to create a VPN connection to my SBS2003 server SP1. I setup the VPN connection on the client machine using -Network Connections-Create New connection wizard on WXP clients. The VPN connects, but I cannot ping the server by name or IP address. To be sure aI am actuakky authenticating, when I am prompted for username, password and domain, I leave the password blank or enter the wrong one, and I am not allowed to connect.
Thinking it is a DNS or routing issue, I go to open Routing and Remote Access on the server, but get an error message:
MMC cannot open the file C:\windows\system32\rrasmg
This may be beacuse the file does not exist, is not an MMC console or was created by a later versionof MMC. This may also be because you do not have sufficient access rights to the file.
And that is when I am logged on as domain admin. If I right click and select run as to open the console and use my personal credentials (whis is in the administrators group) the console opens. Once in there, I can see the computer connected via VPN with a valid IP from the DHCP scope that the server uses, but I cannot pint it from the server either.
I am stumped by:
1) Why the VPN connects but cannot browse the network
2) Why the administrator cannot open the rras mmc, but my AD account can
Thanks for you help on these,
Omar W
Thinking it is a DNS or routing issue, I go to open Routing and Remote Access on the server, but get an error message:
MMC cannot open the file C:\windows\system32\rrasmg
This may be beacuse the file does not exist, is not an MMC console or was created by a later versionof MMC. This may also be because you do not have sufficient access rights to the file.
And that is when I am logged on as domain admin. If I right click and select run as to open the console and use my personal credentials (whis is in the administrators group) the console opens. Once in there, I can see the computer connected via VPN with a valid IP from the DHCP scope that the server uses, but I cannot pint it from the server either.
I am stumped by:
1) Why the VPN connects but cannot browse the network
2) Why the administrator cannot open the rras mmc, but my AD account can
Thanks for you help on these,
Omar W
ASKER
Hi Tomcahill,
I don't want to change the IP's on the network, though I only have one server and about 9 clients. Would it help if I set up separate IP pools for local clients and VPN Clients?
And I have not used RWW before.
As for the administrator account, it is part of Administrators, Domsin Admins, Enterprise admins, Domain users, Group Policy Creator Owners, Mobile users, and Schema Admins
My AD account is in Domain Admins, Domina Users, Enterprise Admins, Mobile Users, Usage Report Users, and a local distribution group.
I don't want to change the IP's on the network, though I only have one server and about 9 clients. Would it help if I set up separate IP pools for local clients and VPN Clients?
And I have not used RWW before.
As for the administrator account, it is part of Administrators, Domsin Admins, Enterprise admins, Domain users, Group Policy Creator Owners, Mobile users, and Schema Admins
My AD account is in Domain Admins, Domina Users, Enterprise Admins, Mobile Users, Usage Report Users, and a local distribution group.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Changing the IP's corrected teh VPN issue. Thank you. Should I accept this as a solution and submit a separate question for the access to rras.mmc problem that I came across?
Thanks,
Omar
Thanks,
Omar
ASKER
Thank you
Glad you got it working
eb
eb
Most home networks are 192.168.0.0 or 192.168.1.0, so are most SBS networks. For this reason I normally setup my SBS networks as 10.0.0.0 and avoid the VPN problems.
That being said, with RWW do you really NEED to vpn in? would it not be simpler, and faster to use RWW to connect to your desktop?
AS for the administrator account not being able to open rras mmc. Definately a weird permissions thing. Is the account you are using also in the Administrators group, or just domain admins?