
VPN - DNS - WINS - Domain - Newbie help 2


madjakers

IS-IT--Management
May 23, 2003
I have a VPN server installed and configured. It is registered on my domain with one NIC and the other NIC has a public IP address configured in the RRAS setup.

I have 20 PPTP ports configured to accept incoming VPN connections from users with permissions as specified in my Active Directory.

I am able to negotiate a successful connection between my home computer on the internet and the vpn server (connection, authentication, registration). Now I can see all of the computers on my network BUT I cannot access them... When I try to open any of them I get a generic message saying that the Network Path is Not Found.

I want to be able to have full network access through my vpn connection from home, what do I have to do? Please help? All suggestions welcome!

Thanks, Jake
 
Are you using PPTP or IPSEC VPN? Are all machines running Win2K? It sounds like a DNS issue so try this:
Get connected, ping your machine by ip address, ping your machine by name, ping VPN server public ip, ping VPN server private ip, ping server by name, ping another machine by IP address, ping another machine by name. If your pings don't work to a certain point, try a tracert to that IP and see where it's going.

Alex
 
And I am running W2K on both machines, with PPTP VPN
 
Ok I can successfully ping IP addresses on the domain but if I try to ping by name it cannot resolve the ip address...what do I do next?
 
Your best bet is to add the machines that you need to access to your hosts file. C:\%systemroot%\system32\drivers\etc You can edit it with Notepad.
Otherwise, you would need to have your home machine look to your work DNS server for resolution. I always seem to have trouble getting DNS across VPN to work right. That is why I use the hosts file.....

Thanks,

Matt Wray
MCSE, MCSA, MCP, CCNA

 
I've never edited a hosts file...what do I add and where?
I see a hosts and a lmhosts which one do I edit and what do I add?

In my hosts file it looks like this:
# localhost: Needs to stay like this to work
127.0.0.1 localhost

# KaZaA related:
127.0.0.1 desktop.kazaa.com
etc etc etc.....

I'd love a detailed explanation of what to add and where...thanks so much for the help guys!!!

-Jake
 
You just simply put in the IP of the machines you are trying to connect to under the 127.0.0.1 and the hostnames under localhost. And you want to edit the hosts file...

# localhost: Needs to stay like this to work
127.0.0.1 localhost
192.168.1.1 wks1001
192.168.1.2 wks1002
192.168.1.254 Hou_Gateway





Thanks,

Matt Wray
MCSE, MCSA, MCP, CCNA
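
As an added example (not part of the original posts), a small Python check for a hosts file like the one above. Static entries are consulted before DNS and stay in place when addresses change, so it lists the non-loopback mappings and flags malformed addresses, names mapped to two different IPs, and names that are not valid RFC 1123 hostnames. The function names, the sample text and its two faulty lines are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: the entries from the post above plus two deliberately bad lines.
SAMPLE_HOSTS = """\
# localhost: Needs to stay like this to work
127.0.0.1 localhost
192.168.1.1 wks1001
192.168.1.2 wks1002
192.168.1.254 Hou_Gateway
192.168.1.20 wks1001      # constructed: conflicts with the entry above
192.168.1.300 wks1003     # constructed: not a valid IPv4 address
"""
# RFC 1123 host label: letters, digits and hyphens only (no underscore).
LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

def parse_hosts(text):
    """Return (entries, findings); entries is a list of (line_no, ip, name)."""
    entries, findings, seen = [], [], {}
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()   # drop the comment, split on whitespace
        if not fields:
            continue
        addr, names = fields[0], fields[1:]
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            findings.append((line_no, f"invalid address {addr!r}"))
            continue
        for name in names:
            key = name.lower()                   # hostnames are case-insensitive
            if not all(LABEL.match(part) for part in key.split(".")):
                findings.append((line_no, f"{name!r} is not an RFC 1123 hostname"))
            if key in seen and seen[key] != ip:
                findings.append((line_no, f"{name!r} also mapped to {seen[key]}"))
            seen.setdefault(key, ip)
            entries.append((line_no, ip, name))
    return entries, findings

def static_overrides(entries):
    """Non-loopback entries: names that bypass DNS and must be kept current by hand."""
    return [(ip, name) for _, ip, name in entries if not ip.is_loopback]

if __name__ == "__main__":
    entries, findings = parse_hosts(SAMPLE_HOSTS)
    for ip, name in static_overrides(entries):
        print(f"static  {ip}\t{name}")
    for line_no, msg in findings:
        print(f"line {line_no}: {msg}")
```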

 
Thanks Matt!

I will try that tonight...

Sincerely,

Jake
 
One other thing I discovered on last Friday was NAT...My T1 connection comes in through a Cisco 1700 Router administered by my ISP (I don't have access to configure it) and realized that it uses NAT on one of our public IP addresses. We have a series of 6 public IP addresses, the first is used for NAT, three are used for our web servers, one is used for our VPN server, and one is not used...

Will this affect my VPN connectivity?

How does NAT affect VPN connections?

Thanks again,

Jake
 
Cool...I'll post my reply tomorrow of how it goes tonight with the Hosts file edit!

Thanks for your advice,

Jake
 
Up and Running!

That solved my connectivity problems...Thanks for the Hosts file edit...

Believe it or not...now we are having problems with our work laptops which log onto the domain here at the office...(%DOMAIN%.local)...what setting or logon should they use at home to see our work domain and access it?

Thanks Again and Again

-jake
 
That's a tricky one. I think they need to logon to the Domain at home. Even though they will not be able to contact a Domain Controller they can still logon using cached credentials. I think once they connect, the permissions will look to how they are logged on and still authenticate them....

Thanks,

Matt Wray
MCSE, MCSA, MCP, CCNA

 
We will give that a run tonight....thanks Matt!

-Jake
 
Matt...Great news that works...(for our XP Pro machines)...still not working with our 2000 Pro computer...any more ideas?

The XP machines work like a charm! Users are very happy...

Another question regarding security...I have the VPN server with 2 nics and have run the RRAS manual setup...what security measures should I take to ensure that that second nic on the VPN that my remote clients connect to for their VPN is secure and resistant to hacks and those port scanning programs?

Again thanks a million,

Jake Rehmann
 
2k should be the same as XP. What exact troubles are they having?

As for your second Q. You may want to post that in the Security Forum, forum83. I've never had Windows public, as I don't trust the security or Windows. The only machines I've had Public are *nix machines.

You would have to have some kind of Firewall running. Not sure what would be good enough for a business application. You may want to think about putting a separate firewall between your Server and your LAN...

Thanks,

Matt Wray
MCSE, MCSA, MCP, CCNA

 
Another question if anyone is still watching this post...

I have one laptop having connectivity problems with the VPN.

Win2K Pro, Logs into Domain at work, Pseudo-logs onto Domain at home (cached credentials), Authenticates and establishes a connection to the VPN server, I can see the connection coming in on the VPN server and the PPTP connection looks great, the security protocol is MSCHAPv2, the traffic seems to be flowing both ways through the vpn connection (with much more going out than coming into the remote laptop), I can ping everything on my private lan through the cmd prompt.....

BUT...I can't access any resources via: mapping drives or browsing the network neighborhood.

-In network neighborhood I can see the microsoft network and Active Directory but can't browse either...I don't get an error for about 3-4 minutes, a very long time...

Please any suggestions that can shed light on this mystery would be great...or just stuff to try....

Thanks,

Jake
 
Browsing Net Neighborhood always gives me trouble over VPN. I actually don't ever use that route. If you can ping, then you can map a drive. From CMD prompt, NET USE Z: \\<server IP address>\sharename /PERSISTENT:Yes(or no)

Thanks,

Matt Wray
MCSE, MCSA, MCP, CCNA

 