VPN setup, cannot browse remote network from windows 7 machine

I've setup a vpn on a windows 2003 server and can connect successfully from an external win2000 or win7 machine. On both machines I'm unable to browse the network and I have problems connecting to one other server on the network (server A). Both machines can ping server A and server A can ping both machines.

The win2000 machine is able to remote desktop to server A however when trying to browse it's folder it asks for a username/password. It will not accept a u/p of an account on the domain, however I created a local account on server A and this works.

The win7 machine cannot remote desktop to server A and gets the error: "You computer could not connect to another console session on the remote computer because you already have a console session in progress". It is able to RDC to other machines on the network however. When trying to browse server A the win7 machine also is requested a username/password however both the domain account and local server A account do not work.


Brave123Asked:
Who is Participating?
 
John HurstConnect With a Mentor Business Consultant (Owner)Commented:
Can you connect a share by IP address and then browse?

That is, from the Windows 7 machine, open a command prompt and type:

NET USE Z: \\192.168.0.x\C$ and authenticate, where 192.168.0.x is the addess of the server.

Also, you say the Windows 7 machine is on the same subnet as the network (server). That cannot be. They must be on different subnets. ... Thinkpads_User
0
 
Brave123Author Commented:
Also, the win2000 machine is set on the same domain as the network however is no longer local so is using the vpn and is using a different subnet(ip's are not similar). The win7 machine is  on a workgroup and the same subnet as the network (192.168.0.whatever). I'm not network orientated so not sure if I've got the terminology right.
0
 
Brave123Author Commented:
I should also mention that server A is a windows 2003 server however is not the windows 2003 server that the vpn is setup on.
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
Brave123Author Commented:
Hi Thinkpads_User,

I can't browse by ip or name. It asks me to authenticate and neither a domain accoun tor a local account on the server works.However from the win2000 machine I can browse and authenticate with the local server account but also not with a domain account.

When you say subnets, do you mean 192.168.0.*? So if the network machines are 192.168.0.1, 192.168.0.2 etc, I need to alter the router for my win7 machine so that it has the local ip of 192.168.1.1?
0
 
John HurstBusiness Consultant (Owner)Commented:
It looks like a subnet problem at this point.  It is possible to connect a VPN and not browse by either IP or Name when the subnets at each end are the same.

So your server has an internal address on its network of 192.168.0.x (x=001, 002, 101, 102, whatever).

Now your remote end (the Windows 7 machine here) must be 192.168.1.y (y=001, 002, etc).

Here, the 0 or the 1 is the subnet and they cannot be the same in a VPN environment. The remote end can be 1, 2, 55, 77, etc - just not 0.

I am not sure why your Windows 2000 machine can browse and authenticate. Is it using VPN, and is it remote? If so, it needs to be on a different subnet as well.

... Thinkpads_User
0
 
Brave123Author Commented:
Ok, I'll try chaning the subnet on the win7 machine, however I'm about 8 hours away from having access to it.

I should point out though that the win7 machine can browse and RDC to other servers and machines on the network just not a specific individual server. The win2000 server can browse and RDC to all servers however also has the authentication problem with the specific server however can use a local account to browse.

Which is why I think the issue lies with the server they are both having issues with.

Yes, the win200 and win7 are both remote and using vpn.
0
 
Brave123Author Commented:
Is there any reason why when attempting to authenticate with a win2003 server it would not accept a domain account?
0
 
John HurstBusiness Consultant (Owner)Commented:
You need a solid connection before you can make a domain connection. I think there may be a way to delay domain authentication for a short while as connections are being made, but I have not done that (I keep remote machines off the domain for the most part).

Also, tomorrow when you get to the setup, what VPN are you using? First, some of the items are seem to contradict each other (same subnet, cannot browse, but can RDC). I don't really have clarity on how all this is connected. Second, I always use IPSec VPN and I most definitely have to keep remote ends on different subnets. Third (an probably much less likely), the remote end must pass VPN packets - not all ISP's do.

Also, make sure the firewalls at the remote ends allow the IP range of the servers.

... Thinkpads_User
0
 
Brave123Author Commented:
I'm using the win2003 built in vpn and the windows network connections (create new connection, connect to the network at my workplace...). I'm not knowledgeable in vpns and just set it to the default. I think it's on PPTP.

If it was a packet or firewall issue I wouldn't expect to be able to connect to any machines on the network. However I'm only have trouble with this one win2003 server.
0
 
John HurstBusiness Consultant (Owner)Commented:
You can connect despite the host firewall (I think I have done that with IPSec VPN) but you need the firewall range permitted to browse. I mentoned about browsing by IP because I also have an entry in my (XP, Vista Business, Windows 7 Pro) HOSTS file relating the IP address and name of the remote server (muliple different servers in my case).

I have used PPTP VPN in XP Pro. It did not work in Vista and Windows 7 may present the same issue. I converted all my clients to IPSec because life is too short muck about with PPTP when IPSec works so beautifully well. Still, I will try to help you however I can. ... Thinkpads_User
0
 
Brave123Author Commented:
I could attempt to setup IPSec however everything is working fine with the VPN except for this one server. So I'd suspect it is the individual server not the vpn that is at fault.

I'm able to browse other machines by either name or ip. I wasn't originally able to ping the problem server by name, however after adding a record in the WINS I'm now able to.
0
 
Brave123Author Commented:
I've just tried again on the win7 machine and it's now working and I've made no changes. No idea why.

Thanks for your help regardless buddy.
0
 
Brave123Author Commented:
.
0
 
John HurstBusiness Consultant (Owner)Commented:
Thanks for the update. ... Thinkpads_User
0
All Courses

From novice to tech pro — start learning today.