Cannot connect to one specific server through vpn

Let me first say I am not very familiar with networking, the network was in place when I started at my company.  We are using a cisco router with pix programming.  When I log in from home, I can hit the company shared hard drive, the backup server, and our IBM server.  In March we added another Dell server on which resides the data files for a program loaded on each laptop.  When accessing through the VPN we cannot hit the Dell server and the program on the laptop cannot run as it can't access the data files.
I can remote access to the desktop of that server.
The Dell has been set up with to FTP information from our vendors to the server for the above mentioned program.
Is there something I can look at to see why that is the only server I can't access?
Secondly, my boss want to use his laptop and home and do everything that he can do in the office, is  there a better way than VPN?
rdaniels08Asked:
Who is Participating?
 
evan021702Connect With a Mentor Commented:
If you are using a different subnet for the VPN traffic then you need to be sure that either the default gateway of the server has a route to push this traffic back to the PIX or put a route on the server itself.
For example if your internal subnet is 192.168.10.0/24 with a default gateway of 192.168.10.1 , and the subnet assigned to VPN clients is 192.168.20.0/24, then you must check your routing.  If 192.168.10.1 is another device besides the PIX, then that device needs to have a route to forward the traffic back to the PIX:
ip route 192.168.20.0 255.255.255.0 192.168.10.1
If that is all correct, then there has to be something in the access-lists that is denying you access to the internal resources.  You must remember that on a PIX everything is denied by default if coming from the outside or VPN.  You must either specifically allow each protocol you want, or open it for all ports:
To open all ports your access-list would need to have something like:
access-list 100 permit ip any any
Then have that access-list tied to the VPN subnet.
0
 
evan021702Commented:
What OS is running on the Dell server?  Is this different that the other servers?  Do you use DHCP to assign the addresses of the server or are they static?  If static be sure the gateway is the same as the other machines.  You will also need to check the access-lists on the cisco/pix to be sure that the ports you need are open to that server.  The access rules could be set for each individual server or IP address, so if the dell server is new it may just need to be added.
If all else fails, you could use LogMeIn or Remote Desktop and have your boss get into a PC that is still on the network instead of using the laptop remotely.
0
 
rdaniels08Author Commented:
The gateway is set up the same, the last person to do programming on the pix intstituted port forwarding for FTP.  The server is running 2003 where the other machines are xp and one is propriatary software from Prophet 21 that one I am not sure on.  We use a shared hard driver and do not have a true domain server.  The ip address is static.
Right now we use remote desktop to access that server when we need it from home, but it is more cumbersome.
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
evan021702Commented:
Are you able to get to these shares when you are at the office using the internal network?  
0
 
rdaniels08Author Commented:
Yes I can get to everything I need when connect to the network at the office.
0
 
rdaniels08Author Commented:
Thank you for the input, I am contacting someone who specializes in PIX's programming to review our setup.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.