Solved

Server veiwable from far side of VPN, but Server can not see far side of VPN

Posted on 2008-10-30
4
244 Views
Last Modified: 2013-11-25
I have a client that has two locations conected via IPSEC VPN. The VPN is controled by an Astaro 220 firewall on the near side (10.0.X.X) and and a Linksys WRV200 at the remote location (192.168.X.X).  The remote location has no problem seeing all of the computers, mapping drives, or accessing exchange on the  10.0.X.X network. The issues is that the 10.0.X.X network can not see any of the PCs on the 192.168.X.X network. I can ping them, but can not access them via RDP, Net Use, or Map drive option in my computer.

What I have Chedcked so Far.
1. The Astaro Firewall has rules to allow all traffic in both directions over the VPN
2. The remote router looks to the Server on the 10.0.X.X network for DNS
3. The Server looks to itsef for DNS first
4. There are records in DNS for the remote network on the Server (Windows 2003 SBS)
5. Net Bios is enabled on PCs on both sides of the VPN
 
I am not sure where to go from here, any help would be great , Thanks
0
Comment
Question by:Teleswitch
  • 3
4 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 22847249
For the record NetBIOS will not as a rule work over the VPN, however if there are DNS entris on the local (10.0.x.x) server for the remote site, I am surprised access by DNS name doesn't work.
As a test can you access remote resources by IP such as RDP or file shares:
RDP:             mstsc  -v:192.168.123.123
Flie shares:  \\192.168.123.123\ShareName

If that works try accessing by FQDN:
RDP:             mstsc  -v:Computer1.local
Flie shares:  \\Computer1.local\ShareName
0
 

Author Comment

by:Teleswitch
ID: 22849520
RDP and file share do not work .
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 22858553
>>"RDP and file share do not work ."
I assume you mean they do not work when accessing by IP rather than by name?

It can be related to too high an MTU value, usually you can connect, with MTU it doesn't fail until you actually start to transfer data.

The only other thought I have is this can sometimes be resolved by disabling "black Hole Router" detection. :
http://support.microsoft.com/kb/314825
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 23148306
Thanks Teleswitch.
Cheers !
--Rob
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Some of you may have heard that SonicWALL has finally released an app for iOS devices giving us long awaited connectivity for our iPhone's, iPod's, and iPad's. This guide is just a quick rundown on how to get up and running quickly using the app. …
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question