VPN works, but cannot rdp to workstations

I have a client who has a windows 2003 server with vpn setup through routing and remote access. I can vpn into the network fine, attach to server shares and even rdp to the server, but if I try to rdp to any of the workstation I cannot do it. I cannot ping the workstations by name or ip.Remote connections are enabled on the workstations, I can rdp to the workstations from the server, but not from the pc that i am using to vpn in on. any ideas?
williamstechnologygroupAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

QlemoBatchelor, Developer and EE Topic AdvisorCommented:
Sounds like a routing issue. Did you try a tracert to a client ip yet?
0
williamstechnologygroupAuthor Commented:
no, i will give that a try, it should tell me where i am failing, correct?
0
James MontgomeryCommented:
Hello williamstechnologygroup,

what is the ip of the workstation - is it on same subnet to the server?

from the machine that is vpning in - run "route print" from the commnand prompt to see the routing table, also run tracert to server ip and workstation ip and note the differences.

Regards,

JimboEfx
0
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

yolamCommented:
1. Open remote and remoting MMC
2. RIght lick the server and check properities
3. In General, Check the option -->Router ---> Lan and demand dail routing
4. restart the service.

SHould e fine now.
Good Luck
0
Rob WilliamsCommented:
To further JimboEfx's comments.
The subnet used at the VPN server site, and the client site MUST be different. If both sites use similar subnets, such as 192.168.1.x you will only be able to contact the VPN server, and that is only possible if using the remote gateway is forced. Might duplicate subnets be the case?

Also, if the windows firewall is enabled on the PC's you will experience this issue. Remote desktop by default creates an exception in the firewall, but only for local connections. If enabled, see the following link to edit the firewall scope options for remote desktop:
http://www.lan-2-wan.com/RD-FW.htm
0
BigFunkyChiefCommented:
When you RDP, I'm assuming you've tried both DNS name and IP?  Both fail?

Check to see if you have DNS server statically setup in the VPN connection (Properties >> Networking >> TCP/IP Properties)?  If this does not get assigned to your VPN client automatically, you should have that in there.  In addition, it doesn't hurt to set it static as well.  So enter the IP of that Windows 2003 Server under the static DNS entries, reconnect to the VPN and see what happens.  That was an issue with one of our employees last week actually.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
williamstechnologygroupAuthor Commented:
I will be looking into this shortly. I will keep this open and let you know....
0
williamstechnologygroupAuthor Commented:
I have been unable to connect with the user on this issue. for now I will close the question and possibly reopen at a later time. thanks
0
williamstechnologygroupAuthor Commented:
Does anyone know how much time I have to leave a question open before it is forced to close or abandoned? I haven't been able to connect with this client and I'm not sure how important the issue is to him right now.
0
Rob WilliamsCommented:
There is no set time and you will be sent a notice first, but I believe it is more than 21 days with no posts at all as a guideline, and it's often much longer.
Let us know if you have any updates.
--Rob
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.