Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Can't remotely access mapped drives after installation of Symantec Endpoint 11.

Posted on 2010-11-16
12
Medium Priority
?
1,174 Views
Last Modified: 2013-12-09
Just got finished installing Symantec Endpoint 11 on our customer's SBS 2003. Since then, no one remotely can access their mapped drives. They can connect to the VPN fine but when trying to access the mapped drives they a network access error. Help!?
0
Comment
Question by:bLampert
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
12 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 34146818
I am not familiar with Symantec but with similar applications if the VPN uses a different subnet for VPN clients, which is common, their subnet needs to be added to the security applications "trusted networks (subnets).
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 34146835
Ps- this would apply to a site to site VPN as well. The remote site's subnet would need to be added. Former comment was directed at software VPN clients.
0
 

Author Comment

by:bLampert
ID: 34146849
The VPN connection itself is connecting fine. It's when they try to browse the network is when it fails.
0
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

 
LVL 77

Expert Comment

by:Rob Williams
ID: 34146934
If your version of Symantec has any form of firewall, there are blocks on different services. File and Print sharing will only be allowed from the local subnet, you would need to add the VPN user's subnet. This usually doesn't affect the VPN connection itself.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 34147050
If that doesn't fix it:
1) SEP 11 does have a firewall (just checked), if enabled can you disable just as a test to determine if it is blocking access, or if it has 'broken' something?
2) What type of VPN are you using? The built-in SBS VPN?
3) Can the VPN clients ping the computer on which the shares are published by IP?
4) If so, can the VPN clients ping the computer on which the shares are published by computer name?
5) If #3 is successful but not #4 can they map a drive by IP?  (  net use Z:  \\192.168.123.123\ShareName  )
0
 

Author Comment

by:bLampert
ID: 34147829
I completely disabled Symantec and still can' get it. But it just came to my attention that whenever the VPN is connected, you cannot browse internet at all. Once you disconnect the VPN, internet works fine. Sooo what does this mean?
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 1000 total points
ID: 34148012
The default configuration of a VPN client forces all connections to be through the VPN, and blocks access to local resources such as the Interent. This is a security feature to protect the corporate network from attackers at the remote site. If you are using the Windows VPN and the manually created VPN client (not the SBS connection manager client) you can disable this feature by going to:
For XP: control panel | network connections | right click on the VPN/Virtual adapter and choose properties | Networking | TCP/IP -properties | Advanced | General | un-check  "Use default gateway on remote network"
For Vista: control panel | network & sharing center | connections | manage network connections | right click on the VPN/Virtual adapter and choose properties | Networking | Internet Protocol Version 4 (TCP/IP v4) -properties | Advanced | IP settings | un-check  "Use default gateway on remote network")
For Win 7: control panel | network & sharing center | change adapter settings | right click on the VPN/Virtual adapter and choose properties | Networking | Internet Protocol Version 4 (TCP/IP v4) -properties | Advanced | IP settings | un-check  "Use default gateway on remote network")

However, if the VPN client is properly configured as with the SBS Connection Manager client they should be able to access DNS and Internet via the SBS site when connected to the VPN. If this worked before and not now, it sounds like SEP is affecting DNS, which could also affect the drive mappings.

Any answers to the above questions?
0
 

Author Comment

by:bLampert
ID: 34148367
OK got internet back up and tried pinging the internal and external IP and both timed out.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 34148494
Is this the built-in SBS VPN or a 3rd party solution such as Cisco?
0
 

Author Comment

by:bLampert
ID: 34156804
Built-In VPN (The VPN connection through windows)
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 34158991
As a test, if a user on the LAN connects to the VPN using the server's LAN IP (not external/public IP) can they access the shares?

Could you also please post the results of ipconfig /all from a problematic remote user while the VPN is connected.
0
 

Author Closing Comment

by:bLampert
ID: 34403469
Worked Great!
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
Curious about the latest ransomware attack? Check out our timeline of events surrounding the spread of this new virus along with tips on how to mitigate the damage.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question