Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!
VPN setup, cannot browse remote network from windows 7 machine
I've setup a vpn on a windows 2003 server and can connect successfully from an external win2000 or win7 machine. On both machines I'm unable to browse the network and I have problems connecting to one other server on the network (server A). Both machines can ping server A and server A can ping both machines.
The win2000 machine is able to remote desktop to server A however when trying to browse it's folder it asks for a username/password. It will not accept a u/p of an account on the domain, however I created a local account on server A and this works.
The win7 machine cannot remote desktop to server A and gets the error: "You computer could not connect to another console session on the remote computer because you already have a console session in progress". It is able to RDC to other machines on the network however. When trying to browse server A the win7 machine also is requested a username/password however both the domain account and local server A account do not work.
The win2000 machine is able to remote desktop to server A however when trying to browse it's folder it asks for a username/password. It will not accept a u/p of an account on the domain, however I created a local account on server A and this works.
The win7 machine cannot remote desktop to server A and gets the error: "You computer could not connect to another console session on the remote computer because you already have a console session in progress". It is able to RDC to other machines on the network however. When trying to browse server A the win7 machine also is requested a username/password however both the domain account and local server A account do not work.
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Also, the win2000 machine is set on the same domain as the network however is no longer local so is using the vpn and is using a different subnet(ip's are not similar). The win7 machine is on a workgroup and the same subnet as the network (192.168.0.whatever). I'm not network orientated so not sure if I've got the terminology right.
I should also mention that server A is a windows 2003 server however is not the windows 2003 server that the vpn is setup on.
Can you connect a share by IP address and then browse?
That is, from the Windows 7 machine, open a command prompt and type:
NET USE Z: \\192.168.0.x\C$ and authenticate, where 192.168.0.x is the addess of the server.
Also, you say the Windows 7 machine is on the same subnet as the network (server). That cannot be. They must be on different subnets. ... Thinkpads_User
That is, from the Windows 7 machine, open a command prompt and type:
NET USE Z: \\192.168.0.x\C$ and authenticate, where 192.168.0.x is the addess of the server.
Also, you say the Windows 7 machine is on the same subnet as the network (server). That cannot be. They must be on different subnets. ... Thinkpads_User
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
Hi Thinkpads_User,
I can't browse by ip or name. It asks me to authenticate and neither a domain accoun tor a local account on the server works.However from the win2000 machine I can browse and authenticate with the local server account but also not with a domain account.
When you say subnets, do you mean 192.168.0.*? So if the network machines are 192.168.0.1, 192.168.0.2 etc, I need to alter the router for my win7 machine so that it has the local ip of 192.168.1.1?
I can't browse by ip or name. It asks me to authenticate and neither a domain accoun tor a local account on the server works.However from the win2000 machine I can browse and authenticate with the local server account but also not with a domain account.
When you say subnets, do you mean 192.168.0.*? So if the network machines are 192.168.0.1, 192.168.0.2 etc, I need to alter the router for my win7 machine so that it has the local ip of 192.168.1.1?
It looks like a subnet problem at this point. It is possible to connect a VPN and not browse by either IP or Name when the subnets at each end are the same.
So your server has an internal address on its network of 192.168.0.x (x=001, 002, 101, 102, whatever).
Now your remote end (the Windows 7 machine here) must be 192.168.1.y (y=001, 002, etc).
Here, the 0 or the 1 is the subnet and they cannot be the same in a VPN environment. The remote end can be 1, 2, 55, 77, etc - just not 0.
I am not sure why your Windows 2000 machine can browse and authenticate. Is it using VPN, and is it remote? If so, it needs to be on a different subnet as well.
... Thinkpads_User
So your server has an internal address on its network of 192.168.0.x (x=001, 002, 101, 102, whatever).
Now your remote end (the Windows 7 machine here) must be 192.168.1.y (y=001, 002, etc).
Here, the 0 or the 1 is the subnet and they cannot be the same in a VPN environment. The remote end can be 1, 2, 55, 77, etc - just not 0.
I am not sure why your Windows 2000 machine can browse and authenticate. Is it using VPN, and is it remote? If so, it needs to be on a different subnet as well.
... Thinkpads_User
Ok, I'll try chaning the subnet on the win7 machine, however I'm about 8 hours away from having access to it.
I should point out though that the win7 machine can browse and RDC to other servers and machines on the network just not a specific individual server. The win2000 server can browse and RDC to all servers however also has the authentication problem with the specific server however can use a local account to browse.
Which is why I think the issue lies with the server they are both having issues with.
Yes, the win200 and win7 are both remote and using vpn.
I should point out though that the win7 machine can browse and RDC to other servers and machines on the network just not a specific individual server. The win2000 server can browse and RDC to all servers however also has the authentication problem with the specific server however can use a local account to browse.
Which is why I think the issue lies with the server they are both having issues with.
Yes, the win200 and win7 are both remote and using vpn.
Is there any reason why when attempting to authenticate with a win2003 server it would not accept a domain account?
You need a solid connection before you can make a domain connection. I think there may be a way to delay domain authentication for a short while as connections are being made, but I have not done that (I keep remote machines off the domain for the most part).
Also, tomorrow when you get to the setup, what VPN are you using? First, some of the items are seem to contradict each other (same subnet, cannot browse, but can RDC). I don't really have clarity on how all this is connected. Second, I always use IPSec VPN and I most definitely have to keep remote ends on different subnets. Third (an probably much less likely), the remote end must pass VPN packets - not all ISP's do.
Also, make sure the firewalls at the remote ends allow the IP range of the servers.
... Thinkpads_User
Also, tomorrow when you get to the setup, what VPN are you using? First, some of the items are seem to contradict each other (same subnet, cannot browse, but can RDC). I don't really have clarity on how all this is connected. Second, I always use IPSec VPN and I most definitely have to keep remote ends on different subnets. Third (an probably much less likely), the remote end must pass VPN packets - not all ISP's do.
Also, make sure the firewalls at the remote ends allow the IP range of the servers.
... Thinkpads_User
I'm using the win2003 built in vpn and the windows network connections (create new connection, connect to the network at my workplace...). I'm not knowledgeable in vpns and just set it to the default. I think it's on PPTP.
If it was a packet or firewall issue I wouldn't expect to be able to connect to any machines on the network. However I'm only have trouble with this one win2003 server.
If it was a packet or firewall issue I wouldn't expect to be able to connect to any machines on the network. However I'm only have trouble with this one win2003 server.
You can connect despite the host firewall (I think I have done that with IPSec VPN) but you need the firewall range permitted to browse. I mentoned about browsing by IP because I also have an entry in my (XP, Vista Business, Windows 7 Pro) HOSTS file relating the IP address and name of the remote server (muliple different servers in my case).
I have used PPTP VPN in XP Pro. It did not work in Vista and Windows 7 may present the same issue. I converted all my clients to IPSec because life is too short muck about with PPTP when IPSec works so beautifully well. Still, I will try to help you however I can. ... Thinkpads_User
I have used PPTP VPN in XP Pro. It did not work in Vista and Windows 7 may present the same issue. I converted all my clients to IPSec because life is too short muck about with PPTP when IPSec works so beautifully well. Still, I will try to help you however I can. ... Thinkpads_User
I could attempt to setup IPSec however everything is working fine with the VPN except for this one server. So I'd suspect it is the individual server not the vpn that is at fault.
I'm able to browse other machines by either name or ip. I wasn't originally able to ping the problem server by name, however after adding a record in the WINS I'm now able to.
I'm able to browse other machines by either name or ip. I wasn't originally able to ping the problem server by name, however after adding a record in the WINS I'm now able to.
I've just tried again on the win7 machine and it's now working and I've made no changes. No idea why.
Thanks for your help regardless buddy.
Thanks for your help regardless buddy.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking
From novice to tech pro — start learning today.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.