townsma

Problems connecting to resources on a VPN Network via TMG

I have set up a TMG gateway, for outbound all works well.  I am now trying to set up a VPN into the system to access SQL Servers etc.

I have followed all the instructions I can find, and all seems well.  I am accessing the VPN from a Windows 7 laptop.

When I try to connect, I am prompted for the login credentials, which I enter, and it says they are accepted.  Windows 7 reports I am connected.  If I try IP config, the VPN network has a valid IP address from the corporate network.

But if I try to ping any of the servers on that network I cannot.  I also cannot access the SQL Server by using the SQL Man Studio.

I tried to ping by server name to the SQL server, and I get a reply, but from an IP address I do not recognise.

I have spent a lot of time on this, and am pulling out my hair.

I would welcome any advice.
Networking Protocols, Internet Protocols, Microsoft Forefront ISA Server

pwindell

Making the VPN connect ONLY does just that,...it makes the VPN connect.

However that in no way grants you access to anything.  All you did when you authenticated is be granted the permissions to establish the VPN Tunnel itself,...but nothing beyond that.

Everything from that point forward depends, and is entirely controlled by,...Access Rules.   Having Access to Ping does not give you access to SQL,..and having access to SQL does not give you the ability to Ping.  So using Ping to test anything is pointless and the only thing it ever would really test is if you had access to Ping.

So your Access Rule would be something like:

From: VPN Clients Network
To: (Either Internal or Computer Sets, or Address Sets, or <well you should get the point>)
Protocols: <List of Protocols>
Users: (Either "All Users" for anonymous, or use specific User Sets)

I do not recommend Anonymous ("All Users")
pwindell

Because the Client is Windows 7,...when targeting a machine to contact you will likely have to use the FQDN.  Using the Netbios Name worked fine in XP and older, but in my experience with Windows 7 you'd have to use the FQDN based on the AD Domain.  That is what I have run into trying to use the Remote Desktop Client in Windows 7 to contact a Terminal Server on the LAN,...so the SQL Client Application may exhibit the same behavior.

AD Domain = juicyfruit.loc
SQL Server = happydata
FQDN = happydata.juicyfruit.loc
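
A way to test the protocol an access rule actually permits, rather than ping, as an added example that is not part of the original thread: it resolves the server's FQDN, flags any answer outside the expected internal subnet, and attempts a TCP connection to the SQL port. The host name is the example one from the post above; the subnet prefix and timeout are constructed placeholders, and port 1433 assumes a default SQL Server instance.

```powershell
# Added example. $ExpectedNet and $TimeoutMs are constructed placeholders.
$Target      = 'happydata.juicyfruit.loc'  # example FQDN from the post above
$ExpectedNet = '192.168.10.'               # placeholder: prefix of the internal /24
$Port        = 1433                        # assumes a default SQL Server instance
$TimeoutMs   = 3000

function Test-TcpPort {
    param([string]$Address, [int]$Port, [int]$TimeoutMs)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($Address, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            return 'no answer (packet dropped or no route)'
        }
        $client.EndConnect($pending)   # throws if the connection was refused
        return 'open'
    } catch {
        return "failed: $($_.Exception.Message)"
    } finally {
        $client.Close()
    }
}

# Step 1: what does the name resolve to while the VPN is up?
$addresses = @()
try {
    $addresses = @([System.Net.Dns]::GetHostAddresses($Target) |
        Where-Object { $_.AddressFamily -eq 'InterNetwork' })
} catch {
    Write-Host "DNS: $Target did not resolve: $($_.Exception.Message)"
}

# Step 2: for each IPv4 answer, check the subnet and test the SQL port itself.
foreach ($ip in $addresses) {
    $text = $ip.ToString()
    if ($text.StartsWith($ExpectedNet)) {
        $note = 'inside expected subnet'
    } else {
        $note = 'OUTSIDE expected subnet, check which DNS server answered'
    }
    $result = Test-TcpPort -Address $text -Port $Port -TimeoutMs $TimeoutMs
    Write-Host ("{0} -> {1} ({2}); tcp/{3}: {4}" -f $Target, $text, $note, $Port, $result)
}
```

A named SQL Server instance listens on a different port, so set `$Port` to the one that instance uses.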

townsma

ASKER

I understand that my access is based on the access rules, and I have a rule already as you suggest.

I have also tried connecting to the SQL Server using the NETBIOS name, the FQDN, the IP returned from the PING, and the IP of the actual server.  But none of them connect.  All return server not found.

pwindell

If the SQL Server is not in the same IP Segment that the VPN Client gets an IP# from,...then the Client must be sure to have enabled "use gateway on remote network" in their Dialup Connectoid.

Beyond that, there isn't much I could do without seeing the thing for myself and there isn't any way I can do that.
townsma

ASKER

The SQL Server is on the same IP Subnet as the TMG Server, and hence VPN server, plus I have already selected "use gateway on remote network".

Thanks for trying anyway.
ASKER CERTIFIED SOLUTION
pwindell
