Win2K as VPN server

J

James Gillespie

I am trying to setup a Win2K box to act as a VPN server. I have two nics one
internal (10.0.0.5) the second being a public address. With RRAS stopped I
can ping all internal address fine, I can ping the gateway on the external
side and public address by IP or name. Once I start RRAS outside access is
lost.

I am including the route print statement.

Any help or insight would be great.

Thank
Jim

Interface List
0x1 ........................... MS TCP Loopback interface
0x3 ...00 40 95 d2 46 42 ...... Novell 2000 Adapter.
0x3000002 ...00 01 02 63 bf 2f ...... 3Com SOHO PCI
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 64.2.138.57 64.2.138.60 1
10.0.0.0 255.255.255.0 10.0.0.5 10.0.0.5 1
10.0.0.5 255.255.255.255 127.0.0.1 127.0.0.1 1
10.255.255.255 255.255.255.255 10.0.0.5 10.0.0.5 1
64.2.138.56 255.255.255.248 64.2.138.60 64.2.138.60 1
64.2.138.60 255.255.255.255 127.0.0.1 127.0.0.1 1
64.255.255.255 255.255.255.255 64.2.138.60 64.2.138.60 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 224.0.0.0 10.0.0.5 10.0.0.5 1
224.0.0.0 224.0.0.0 64.2.138.60 64.2.138.60 1
255.255.255.255 255.255.255.255 64.2.138.60 64.2.138.60 1
Default Gateway: 64.2.138.57
===========================================================================
Persistent Routes:
None
 
R

Robert L [MS-MVP]

quoted from http://www.ms-mvps.com
Internal clients can't access the Internet after a remote client connects to
RRAS
Symptoms: After a remote client establishes a connection on a RRAS which is
installed on a domain controller with DNS, one or more of the following
symptoms may occur:
1) Internal clients may no longer be able to browse the Web through Internet
Security and Acceleration (ISA) Server, regardless of whether or not Web
Proxy or the Firewall Client is being used for Web browsing.
2) A "The page cannot be displayed" error message is generated when you use
a Web browser.
3) A "cannot find server or DNS" error occurs.
4) From an internal client, if you use PING to ping the name of the server,
PING returns any other address other than the IP address that is bound to
the server's internal adapter.
5) You cannot browse through the list of computers in Network Neighborhood
or My Network Places.
6) You cannot connect to the following Web page:
http://server_name/myconsole
7) You may receive the following event message: Event ID: 4319, Source:
Netbt, Description: A duplicate name has been detected on the tcp network.
The IP address of the machine that sent the message is in the data. Use
NBTSTAT with a switch of N in a command window to see which name is in a
conflict state.
8) When a client clicks Update Now from the Firewall Client applet in
Control Panel, the client may receive the following error message:

The server is not responding when client requests an update.
Possible causes:
-The server is not an ISA Server.
-The server is down.
9) Windows 2000 LAN clients cannot map a network drive to the server. The
client may receive the following error message: No Logon Servers Available
to Service your Logon Request.


--
For more and other information, go to http://www.ms-mvps.com

Don't send e-mail or reply to me except you need consulting services.
Posting on MS newsgroup will benefit all readers and you may get more help.

Robert Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on
http://www.ms-mvps.com
This posting is provided "AS IS" with no warranties.
 
J

James Gillespie

I'm not sure this is what is going on. From the server I can no longer ping
external address and from an external address I can not ping the server.
With RRAS stopped in can do both?

Jim
 
B

Bill Grant

Did you use the "VPN server" option in the RRAS wizard? This sets up
packet filters to block all non-VPN traffic, and should only be used for a
dedicated VPN server.

Check your public interface for packet filters.
 
J

James Gillespie

thank you that was it (packet filters)


Bill Grant said:
Did you use the "VPN server" option in the RRAS wizard? This sets up
packet filters to block all non-VPN traffic, and should only be used for a
dedicated VPN server.

Check your public interface for packet filters.


=================================================================================================================================================================================================================================
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Site-to-Site VPN 0
Vpn connection, but no resources found. Routing table woes. 6
Routing 1
VPN not Routing 5
CMAK VPNs not working as expected. 3
Desperate Housewife needs help with Windows 2000 Server vpn setup 5
VPN routing with W2K RRAS 4
Help with Window 2003 server routing 6

Top