Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

VPN access to SBS2003 via Zyxel router

Posted on 2009-05-19
10
Medium Priority
?
452 Views
Last Modified: 2013-11-21
Trying to set up a VPN to my SBS2003 LAN. I can go through the VPN setup wizard on an external PC, connect to my router IP and have NAT and firewall configured so it passes through to the SBS2003 server. The connection is made successfully and i'm connected. Great.

But i cant map drives to the shares on the SBS server. Cant ping the SBS server. Cant do an nslookup and get the SBS servers name/IP while connected via the VPN. Although the VPN is up and connected, its useless as i cant connect to or ping anything on the LAN

Have used the wizard in SBS to set everything up and cant understand why its not working

I also have a web cam device on the LAN that uses port 37777 and that has stopped working too over the VPN (all of the above works fine internally)

I need 2 things to work. The camera system on port 37777 and file sharing so i can map a drive to \\servernme\sharename

I can use RWW as this works OK but viewing the cameras and working with files is a bit clunky and slow over RDP
0
Comment
Question by:Izattafact
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
10 Comments
 
LVL 77

Accepted Solution

by:
Rob Williams earned 2000 total points
ID: 24427083
Is there any chance the SBS and the connecting client use the same local subnet at their respective sites, such as both sites using 192.168.1.x? They must be different or you will experience inability to access resources, even though you can connect to the server with the VPN.

You may also want to review the SBS VPN set up procedure:
http://www.lan-2-wan.com/SBS-VPN-instr.htm
0
 

Author Comment

by:Izattafact
ID: 24436111
yes the remote site is 192.168.1.x and the SBS lan is all 192.168.1.x - will this cause a problem you think? It was working before and i dont know what changed to make it stop working. In fact my own LAN is 192.168.1.x too and i get the same issue....hmmm i'll try and change my lan to 192.168.2.x to see if it makes a difference
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 24437458
A basic rule of routing is no two network segments in the path from client to host can have the same subnet. Packets are routed based on the subnet to which they belong. If a local and remote location have the subnet, where should the packets be forwarded?
You will need to change one site or the other. It is generally best to change the server site as no one will be able to connect from a site that uses a default router subnet of 192.168.1.x such as a hotel. However, changing the server site, especially an SBS, can be a big job. If you decide to do so plan carefully and if changing the SBS LAN IP you *MUST* use the change server IP wizard in the server management console under Internet and e-mail. Failing to do so will break most SBS services. After completion you also need to re-run the CEICW.
0
Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

 

Author Comment

by:Izattafact
ID: 24441863
i thought NAT should handle all this but i see your point. If my subnet at home and another subnet at another home both use 192.168.1.x with 192.168.1.254 as theiur default gateway, the it stands to reason that the default gateway will try to find any other 192.168.1.x addresses so will never route outside of the local lan. Strange though, that when the PPP connection is made, it gets an IP and gets the DHCP and DNS server information from the DHCP server. So what happens whn you connect a PC normally using a VPN? Does it use the default gateway on the VPN connection or on the LAN side - need to do a route print to find this one out. Will try tonight and let you know (though still puzzled why it worked before...)
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 24442291
Correct all packets for that subnet are kept local, by the local router.
The one exception to this and why it can sometimes work is the VPN/PPP adapter is assigned an IP in the remote subnet, which may be the same as the local subnet. It also gets a static route added to the local routing table for that one IP, with its own default gateway (which is the same as the assigned IP). Traffic is then routed to the VPN server for that one IP which also corresponds to the DNS and WINS IP's. However, for this to work the "use remote default gateway" option must be checked/enabled in the VPN/virtual adapter. Even though this can allow access to the remote VPN server, if that server has a single NIC and uses the same subnet for its LAN, you will not be able to connect to any other IP at that site with the same subnet, again due to the same routing issue.
0
 

Author Comment

by:Izattafact
ID: 24532249
Spot on RobWill. Worked a treat. Thanks
0
 

Author Closing Comment

by:Izattafact
ID: 31582909
Thanks mate saved my ass there!!
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 24532274
Glad to hear. Thanks Izattafact.
Cheers!
--Rob
0
 

Author Comment

by:Izattafact
ID: 24532307
did you get your points?
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 24532598
:-)  yes thank you very much.
--Rob
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Remote Desktop Protocol or RDP has become an essential tool in many offices. This article will show you how to set up an external IP to point directly to an RDP session. There are many reasons why this is beneficial but perhaps the top reason is con…
Have you considered what group policies are backwards and forwards compatible? Windows Active Directory servers and clients use group policy templates to deploy sets of policies within your domain. But, there is a catch to deploying policies. The…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question