Win2K as VPN server

  • Thread starter Thread starter James Gillespie
  • Start date Start date
J

James Gillespie

I am trying to setup a Win2K box to act as a VPN server. I have two nics one
internal (10.0.0.5) the second being a public address. With RRAS stopped I
can ping all internal address fine, I can ping the gateway on the external
side and public address by IP or name. Once I start RRAS outside access is
lost.

I am including the route print statement.

Any help or insight would be great.

Thank
Jim

Interface List
0x1 ........................... MS TCP Loopback interface
0x3 ...00 40 95 d2 46 42 ...... Novell 2000 Adapter.
0x3000002 ...00 01 02 63 bf 2f ...... 3Com SOHO PCI
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 64.2.138.57 64.2.138.60 1
10.0.0.0 255.255.255.0 10.0.0.5 10.0.0.5 1
10.0.0.5 255.255.255.255 127.0.0.1 127.0.0.1 1
10.255.255.255 255.255.255.255 10.0.0.5 10.0.0.5 1
64.2.138.56 255.255.255.248 64.2.138.60 64.2.138.60 1
64.2.138.60 255.255.255.255 127.0.0.1 127.0.0.1 1
64.255.255.255 255.255.255.255 64.2.138.60 64.2.138.60 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 224.0.0.0 10.0.0.5 10.0.0.5 1
224.0.0.0 224.0.0.0 64.2.138.60 64.2.138.60 1
255.255.255.255 255.255.255.255 64.2.138.60 64.2.138.60 1
Default Gateway: 64.2.138.57
===========================================================================
Persistent Routes:
None
 
quoted from http://www.ms-mvps.com
Internal clients can't access the Internet after a remote client connects to
RRAS
Symptoms: After a remote client establishes a connection on a RRAS which is
installed on a domain controller with DNS, one or more of the following
symptoms may occur:
1) Internal clients may no longer be able to browse the Web through Internet
Security and Acceleration (ISA) Server, regardless of whether or not Web
Proxy or the Firewall Client is being used for Web browsing.
2) A "The page cannot be displayed" error message is generated when you use
a Web browser.
3) A "cannot find server or DNS" error occurs.
4) From an internal client, if you use PING to ping the name of the server,
PING returns any other address other than the IP address that is bound to
the server's internal adapter.
5) You cannot browse through the list of computers in Network Neighborhood
or My Network Places.
6) You cannot connect to the following Web page:
http://server_name/myconsole
7) You may receive the following event message: Event ID: 4319, Source:
Netbt, Description: A duplicate name has been detected on the tcp network.
The IP address of the machine that sent the message is in the data. Use
NBTSTAT with a switch of N in a command window to see which name is in a
conflict state.
8) When a client clicks Update Now from the Firewall Client applet in
Control Panel, the client may receive the following error message:

The server is not responding when client requests an update.
Possible causes:
-The server is not an ISA Server.
-The server is down.
9) Windows 2000 LAN clients cannot map a network drive to the server. The
client may receive the following error message: No Logon Servers Available
to Service your Logon Request.


--
For more and other information, go to http://www.ms-mvps.com

Don't send e-mail or reply to me except you need consulting services.
Posting on MS newsgroup will benefit all readers and you may get more help.

Robert Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on
http://www.ms-mvps.com
This posting is provided "AS IS" with no warranties.
 
I'm not sure this is what is going on. From the server I can no longer ping
external address and from an external address I can not ping the server.
With RRAS stopped in can do both?

Jim
 
Did you use the "VPN server" option in the RRAS wizard? This sets up
packet filters to block all non-VPN traffic, and should only be used for a
dedicated VPN server.

Check your public interface for packet filters.
 
thank you that was it (packet filters)


Bill Grant said:
Did you use the "VPN server" option in the RRAS wizard? This sets up
packet filters to block all non-VPN traffic, and should only be used for a
dedicated VPN server.

Check your public interface for packet filters.


=================================================================================================================================================================================================================================
 
Back
Top