Solved

Server veiwable from far side of VPN, but Server can not see far side of VPN

Posted on 2008-10-30
4
246 Views
Last Modified: 2013-11-25
I have a client that has two locations conected via IPSEC VPN. The VPN is controled by an Astaro 220 firewall on the near side (10.0.X.X) and and a Linksys WRV200 at the remote location (192.168.X.X).  The remote location has no problem seeing all of the computers, mapping drives, or accessing exchange on the  10.0.X.X network. The issues is that the 10.0.X.X network can not see any of the PCs on the 192.168.X.X network. I can ping them, but can not access them via RDP, Net Use, or Map drive option in my computer.

What I have Chedcked so Far.
1. The Astaro Firewall has rules to allow all traffic in both directions over the VPN
2. The remote router looks to the Server on the 10.0.X.X network for DNS
3. The Server looks to itsef for DNS first
4. There are records in DNS for the remote network on the Server (Windows 2003 SBS)
5. Net Bios is enabled on PCs on both sides of the VPN
 
I am not sure where to go from here, any help would be great , Thanks
0
Comment
Question by:Teleswitch
  • 3
4 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 22847249
For the record NetBIOS will not as a rule work over the VPN, however if there are DNS entris on the local (10.0.x.x) server for the remote site, I am surprised access by DNS name doesn't work.
As a test can you access remote resources by IP such as RDP or file shares:
RDP:             mstsc  -v:192.168.123.123
Flie shares:  \\192.168.123.123\ShareName

If that works try accessing by FQDN:
RDP:             mstsc  -v:Computer1.local
Flie shares:  \\Computer1.local\ShareName
0
 

Author Comment

by:Teleswitch
ID: 22849520
RDP and file share do not work .
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 22858553
>>"RDP and file share do not work ."
I assume you mean they do not work when accessing by IP rather than by name?

It can be related to too high an MTU value, usually you can connect, with MTU it doesn't fail until you actually start to transfer data.

The only other thought I have is this can sometimes be resolved by disabling "black Hole Router" detection. :
http://support.microsoft.com/kb/314825
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 23148306
Thanks Teleswitch.
Cheers !
--Rob
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Let’s list some of the technologies that enable smooth teleworking. 
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question