Solved

Can't remotely access mapped drives after installation of Symantec Endpoint 11.

Posted on 2010-11-16
12
1,139 Views
Last Modified: 2013-12-09
Just got finished installing Symantec Endpoint 11 on our customer's SBS 2003. Since then, no one remotely can access their mapped drives. They can connect to the VPN fine but when trying to access the mapped drives they a network access error. Help!?
0
Comment
Question by:bLampert
  • 7
  • 5
12 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 34146818
I am not familiar with Symantec but with similar applications if the VPN uses a different subnet for VPN clients, which is common, their subnet needs to be added to the security applications "trusted networks (subnets).
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 34146835
Ps- this would apply to a site to site VPN as well. The remote site's subnet would need to be added. Former comment was directed at software VPN clients.
0
 

Author Comment

by:bLampert
ID: 34146849
The VPN connection itself is connecting fine. It's when they try to browse the network is when it fails.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 77

Expert Comment

by:Rob Williams
ID: 34146934
If your version of Symantec has any form of firewall, there are blocks on different services. File and Print sharing will only be allowed from the local subnet, you would need to add the VPN user's subnet. This usually doesn't affect the VPN connection itself.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 34147050
If that doesn't fix it:
1) SEP 11 does have a firewall (just checked), if enabled can you disable just as a test to determine if it is blocking access, or if it has 'broken' something?
2) What type of VPN are you using? The built-in SBS VPN?
3) Can the VPN clients ping the computer on which the shares are published by IP?
4) If so, can the VPN clients ping the computer on which the shares are published by computer name?
5) If #3 is successful but not #4 can they map a drive by IP?  (  net use Z:  \\192.168.123.123\ShareName  )
0
 

Author Comment

by:bLampert
ID: 34147829
I completely disabled Symantec and still can' get it. But it just came to my attention that whenever the VPN is connected, you cannot browse internet at all. Once you disconnect the VPN, internet works fine. Sooo what does this mean?
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 250 total points
ID: 34148012
The default configuration of a VPN client forces all connections to be through the VPN, and blocks access to local resources such as the Interent. This is a security feature to protect the corporate network from attackers at the remote site. If you are using the Windows VPN and the manually created VPN client (not the SBS connection manager client) you can disable this feature by going to:
For XP: control panel | network connections | right click on the VPN/Virtual adapter and choose properties | Networking | TCP/IP -properties | Advanced | General | un-check  "Use default gateway on remote network"
For Vista: control panel | network & sharing center | connections | manage network connections | right click on the VPN/Virtual adapter and choose properties | Networking | Internet Protocol Version 4 (TCP/IP v4) -properties | Advanced | IP settings | un-check  "Use default gateway on remote network")
For Win 7: control panel | network & sharing center | change adapter settings | right click on the VPN/Virtual adapter and choose properties | Networking | Internet Protocol Version 4 (TCP/IP v4) -properties | Advanced | IP settings | un-check  "Use default gateway on remote network")

However, if the VPN client is properly configured as with the SBS Connection Manager client they should be able to access DNS and Internet via the SBS site when connected to the VPN. If this worked before and not now, it sounds like SEP is affecting DNS, which could also affect the drive mappings.

Any answers to the above questions?
0
 

Author Comment

by:bLampert
ID: 34148367
OK got internet back up and tried pinging the internal and external IP and both timed out.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 34148494
Is this the built-in SBS VPN or a 3rd party solution such as Cisco?
0
 

Author Comment

by:bLampert
ID: 34156804
Built-In VPN (The VPN connection through windows)
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 34158991
As a test, if a user on the LAN connects to the VPN using the server's LAN IP (not external/public IP) can they access the shares?

Could you also please post the results of ipconfig /all from a problematic remote user while the VPN is connected.
0
 

Author Closing Comment

by:bLampert
ID: 34403469
Worked Great!
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question