Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

VPN STOPS WEB ACCES ON SERVER 2000 1

Status
Not open for further replies.
milesy

milesy

Technical User
Dec 4, 2003
92
0
0
GB
Ok Im lost. I have a Windwos 2000 server which has been fine for about 2 years. I have just configured VPN on it and all seemed fine, client machine can log in from of site location and access the shares as required. But the server cannot see the web any more. Using the server I tryed to ping WAN address and no joy, but I can ping a LAN address.

server IP 169.254.105.22 LAN NIC
169.254.105.25 VPN NIC
sub mask 255.255.255.0
Gateway 169.254.105.1 Dlink Router.

Any ideas greatly recived

 
Sort by date Sort by votes
this may help. quoted from
Internal clients can't access the Internet after a remote client connects to RRAS
Symptoms: After a remote client establishes a connection on a RRAS which is installed on a domain controller with DNS, one or more of the following symptoms may occur:
1) Internal clients may no longer be able to browse the Web through Internet Security and Acceleration (ISA) Server, regardless of whether or not Web Proxy or the Firewall Client is being used for Web browsing.
2) A "The page cannot be displayed" error message is generated when you use a Web browser.
3) A "cannot find server or DNS" error occurs.
4) From an internal client, if you use PING to ping the name of the server, PING returns any other address other than the IP address that is bound to the server's internal adapter.
5) You cannot browse through the list of computers in Network Neighborhood or My Network Places.
6) You cannot connect to the following Web page: 7) You may receive the following event message: Event ID: 4319, Source: Netbt, Description: A duplicate name has been detected on the tcp network. The IP address of the machine that sent the message is in the data. Use NBTSTAT with a switch of N in a command window to see which name is in a conflict state.
8) When a client clicks Update Now from the Firewall Client applet in Control Panel, the client may receive the following error message:

The server is not responding when client requests an update.
Possible causes:
-The server is not an ISA Server.
-The server is down.
9) Windows 2000 LAN clients cannot map a network drive to the server. The client may receive the following error message: No Logon Servers Available to Service your Logon Request.

Resolutions: This issue can occur if the client computer receives a response from DNS that includes the wrong Internet Protocol (IP) address. This address is only returned in a query after a remote client has connected by using Dial-Up Networking. This IP address is registered with DNS if network basic input/output system (NetBIOS) is bound to the RRAS server's dial-in interfaces or if DNS is configured to listen on all interfaces. To resolve this problem, obtain the latest service pack for Windows 2000.


Robert Lin, MS-MVP, MCSE & CNE
Windows, Network, Internet, VPN, Routing and How to at
 
Upvote 0 Downvote
Milesy,

When you brought the VPN solution online, did you add a second NIC to the unit? If so, which NIC has a default gateway entry?
 
Upvote 0 Downvote
Well I thought that I had sorted it myself....That is until this morning.

This is how I how I got it working.

On the second nic (both are built onto the montherboard) I only assigned an IP 169.254.105.25 and a subnet mask 255.255.255.0 and left the DNS server and Gateway blank.

Everything worked fine, The server had web access when needed, clients could use the VPN, and the server had no problems.

This morning I got to work only to find that the workstations could not log onto the netwok.

I'm now more at a loss that when I started....
 
Upvote 0 Downvote
Miles,

You should only have a default gateway set on the WAN NIC, not the LAN. Both NIC's can and should have a DNS entry. Can you verify this is your setup?
 
Upvote 0 Downvote
As you can tell I'm new to this so thanks for the help.

The first NIC is the one that was used origanaly by the network.
This NIc has an IP, SubNet, Gateway & DNS
The Second NIC which was disabled before. Only has IP & SubNet.

Reading your post, correct me if I am wrong. I should have:-
NIC1 IP,SubNet,DNS leave Gateway empty.
NIC2 IP,SubNet,DNS and Default Gateway
 
Upvote 0 Downvote
Miles,

If NIC1 is on the LAN and NIC2 is your Internet NIC you should be in good shape.
 
Upvote 0 Downvote
On the client machine in properties for the connection advanced TCP/IP settings make sure that the use default gateway on remote network in UNCHECKED
 
Upvote 0 Downvote
I Have unckecked the use default gateway on the client machine, but its not remote machine that has the problem. Thanks any way.
 
Upvote 0 Downvote
Gacollier.....

Yes still got the same problems. For 3-5 days all is well then we lose the connection to the net on the server and then the work stations have problems logging on to the server. But the VPN stays up and stable.

Please dont tell me this is something simple because I am tearing my hair out.....OK then, tell me it is something simple.
 
Upvote 0 Downvote
I am having a very similar problem!

I just set up a VPN on our win2k server sp4 box and just as I did, the proxy server, web hosting, and internet services just went wacko!
Everything is set up properly, but for strange reasons it isnt working properly! Its been doing my head in for the last 2 weeks!

I've just managed to get the VPN up although it isnt running the best it could, I still am lost to sorting out the other details...

Its a bunch of crap because Microsoft dont support VPN access behind a firewall/NAT

I reckon its possible though! To have it all running at the same time on one machine.

I will post again when I have more information for ya

 
Upvote 0 Downvote
OK ITS SORTED AT LAST....

With all the help from all the posts above..

The LAN NIC now only has a IP address, and a SUB NET, no dns or Gateway.

The VPN NIC HAS IP,SUB NET, DNS AND GATEWAY.

Everything has been up for 2 weeks stanble and not a problem.

SpecNick if I can help please drop me a line.
 
Upvote 0 Downvote
Quick question to all,

At work: Running a Win2K domain server. Has three NIC's.
Have tried setting up a VPN, but as soon as it is active or one of the two spare NIC's is made active, the network loses all connections to the server! Each NIC has it's own static IP address and is connected to the same switches and router as the rest of the network.

At home: Running a Win2k standard server. Has two NIC's.
Both connected to the same router. PC complains about name duplication, but the VPN runs without any problems and the local PC's can still access the server.

Any ideas as the VPN at work is kind of urgent.

Barry

ICT Network Administrator
IT Services Manager
 
Upvote 0 Downvote
Something to think about...

In order to use Win2k VPN, Routing and Remote Access Server (RRAS) must be running and properly configured.

In order for RRAS to work properly, you must have at least 2 NICs and they MUST be on different networks (subnets).

MCSE CCNA CCDA
 
Upvote 0 Downvote
OK,

Work Setup:
LAN NIC is on 192.168.1.2 / 255.255.255.0
If I configure a second NIC on 192.168.2.? / 255.255.255.0, will it still work with the gateway of 192.168.1.254?

Will this stop the NIC's from conflicting and stop the server from going down?

I guess it should but I don't really want to risk losing the server to more down time than is required!

Home setup:
Both NICS are in the 192.168.1.? / 255.255.255.0 class and the server runs quite happy other than it sees itself, (which I understand.)

You can see why I'm confussed!

Barry

ICT Network Administrator
IT Services Manager
 
Upvote 0 Downvote
If I configure a second NIC on 192.168.2.? / 255.255.255.0, will it still work with the gateway of 192.168.1.254?" You may have to add a static route for subnet 192.168.2.X.

"Will this stop the NIC's from conflicting and stop the server from going down?" Is it going down now? If so, what's the config?

"Both NICS are in the 192.168.1.? / 255.255.255.0 class and the server runs quite happy other than it sees itself, (which I understand.)" Sorry, but what's the question here?

"You can see why I'm confussed!" You and me both brother! Sorry, I don't mean to make light of this post, but I don't understand the issue other than adding a second NIC to the work setup.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

teknance
  • Question
Discovering Portugal: Uncover Hidden Destinations and VPN Solutions
Replies
5
Views
306
GlobeTrekkerGal
GlobeTrekkerGal
sarahz2
  • Question
Best vpn safe and fast
Replies
4
Views
199
GlobeTrekkerGal
GlobeTrekkerGal
MP2023
  • Locked
  • Question
How to Create an site to site VPN
Replies
1
Views
169
sircles
sircles
F
  • Question
some IP Phone not working over site-to-site OpenVPN, packets modified on other side of tunnel
Replies
0
Views
1K
FrankSider12
F
ramblingrebel
  • Locked
  • Question
Built-in Windows 10 VPN
Replies
1
Views
128
Joon Smith
Joon Smith

Part and Inventory Search

Sponsor

Back
Top