Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1194
  • Last Modified:

Can't remotely access mapped drives after installation of Symantec Endpoint 11.

Just got finished installing Symantec Endpoint 11 on our customer's SBS 2003. Since then, no one remotely can access their mapped drives. They can connect to the VPN fine but when trying to access the mapped drives they a network access error. Help!?
0
bLampert
Asked:
bLampert
  • 7
  • 5
1 Solution
 
Rob WilliamsCommented:
I am not familiar with Symantec but with similar applications if the VPN uses a different subnet for VPN clients, which is common, their subnet needs to be added to the security applications "trusted networks (subnets).
0
 
Rob WilliamsCommented:
Ps- this would apply to a site to site VPN as well. The remote site's subnet would need to be added. Former comment was directed at software VPN clients.
0
 
bLampertAuthor Commented:
The VPN connection itself is connecting fine. It's when they try to browse the network is when it fails.
0
Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

 
Rob WilliamsCommented:
If your version of Symantec has any form of firewall, there are blocks on different services. File and Print sharing will only be allowed from the local subnet, you would need to add the VPN user's subnet. This usually doesn't affect the VPN connection itself.
0
 
Rob WilliamsCommented:
If that doesn't fix it:
1) SEP 11 does have a firewall (just checked), if enabled can you disable just as a test to determine if it is blocking access, or if it has 'broken' something?
2) What type of VPN are you using? The built-in SBS VPN?
3) Can the VPN clients ping the computer on which the shares are published by IP?
4) If so, can the VPN clients ping the computer on which the shares are published by computer name?
5) If #3 is successful but not #4 can they map a drive by IP?  (  net use Z:  \\192.168.123.123\ShareName  )
0
 
bLampertAuthor Commented:
I completely disabled Symantec and still can' get it. But it just came to my attention that whenever the VPN is connected, you cannot browse internet at all. Once you disconnect the VPN, internet works fine. Sooo what does this mean?
0
 
Rob WilliamsCommented:
The default configuration of a VPN client forces all connections to be through the VPN, and blocks access to local resources such as the Interent. This is a security feature to protect the corporate network from attackers at the remote site. If you are using the Windows VPN and the manually created VPN client (not the SBS connection manager client) you can disable this feature by going to:
For XP: control panel | network connections | right click on the VPN/Virtual adapter and choose properties | Networking | TCP/IP -properties | Advanced | General | un-check  "Use default gateway on remote network"
For Vista: control panel | network & sharing center | connections | manage network connections | right click on the VPN/Virtual adapter and choose properties | Networking | Internet Protocol Version 4 (TCP/IP v4) -properties | Advanced | IP settings | un-check  "Use default gateway on remote network")
For Win 7: control panel | network & sharing center | change adapter settings | right click on the VPN/Virtual adapter and choose properties | Networking | Internet Protocol Version 4 (TCP/IP v4) -properties | Advanced | IP settings | un-check  "Use default gateway on remote network")

However, if the VPN client is properly configured as with the SBS Connection Manager client they should be able to access DNS and Internet via the SBS site when connected to the VPN. If this worked before and not now, it sounds like SEP is affecting DNS, which could also affect the drive mappings.

Any answers to the above questions?
0
 
bLampertAuthor Commented:
OK got internet back up and tried pinging the internal and external IP and both timed out.
0
 
Rob WilliamsCommented:
Is this the built-in SBS VPN or a 3rd party solution such as Cisco?
0
 
bLampertAuthor Commented:
Built-In VPN (The VPN connection through windows)
0
 
Rob WilliamsCommented:
As a test, if a user on the LAN connects to the VPN using the server's LAN IP (not external/public IP) can they access the shares?

Could you also please post the results of ipconfig /all from a problematic remote user while the VPN is connected.
0
 
bLampertAuthor Commented:
Worked Great!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

  • 7
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now