0

I am a new administrator to Windows Server 2008 R2. I am trying to set up a VPN connection to my server with not much luck. Thus far I can connect to my server with a VPN PPTP connection but I cannot see any of the public files on my server or see any other resources on the lan. I have a dual port LAN card with one set to a static IP address connected to a cable modem. The other lan port is configured to obtain an IP address automatically and is connected to a wireless router/firewall that is then connected to cable modem. All of my other lan resources(workstations) are also connected to this router/firewall. The firewall is enabled on this wireless router. The cable modem is configured as a bridge -- in other words the firewall is turned off. At least that is what COMCAST explained to me. I installed Network Policy and Access Services Role and included,

  • Network Policy Server
  • Routing and Remote Access Services
  • Remote Access Services
  • Routing -- Health Registration Authority & Host Credential Authorization Protocol

The role successfully installed and I am getting "green" on the role status indicators. The server firewall is enabled but I wrote a netsh script to "firewall set portopening All" for ports 1723 and 47. I am using windows 7 VPN login using PPTP protocol and I am directing the VPN connection to the static IP addr lan port. Like I said I can successfully login into my VPN but I cannot see any of my network resources. I can also remote log in with no problems at all.

pauska
  • 19,532
  • 4
  • 55
  • 75
user871962
  • 129
  • 1
  • 4
  • 8

3 Answers3

0

For testing you might consider connecting a client directly to the Internet/cable modem connected NIC on the server, then test the ability to establish a PPTP session with the configuration. If the test configuration works, then the cable modem may possibly be blocking GRE (on port 47).

user48838
  • 7,393
  • 2
  • 17
  • 14
  • Yes, I connected directly to the cable modem and I am able to directly VPN in. I checked with COMCAST and they checked the configureation of my modem and they said that it is configured as a pass through. It does not block any ports. When I connect outside of the modem I am able to connect but just cannot see any network resources or any of the server shared files. Any thoughts? – user871962 Aug 02 '11 at 01:19
  • So a direct connection to the NIC, eliminating the cable modem, works correctly? – user48838 Aug 02 '11 at 04:22
  • @user871962: The problem is not with the VPN connection. If you're getting connected then that means the VPN is working. In order to see resources on the LAN the RRAS server needs to be configured for LAN routing. – joeqwerty Aug 02 '11 at 12:24
  • Not necessarily true if there are GRE issues. – user48838 Aug 02 '11 at 12:39
  • I checked the RRAS settings. The IPv4 router is checke and is set for "LAN and demand-dial routing". – user871962 Aug 03 '11 at 15:34
  • But... Is the PPTP session fully functional when the cable modem is out of the picture (for testing)? – user48838 Aug 03 '11 at 15:39
  • OK, so explain to us how you're trying to see the network resources? Can you ping hosts on the network? Can you access network shares? – joeqwerty Aug 03 '11 at 17:46
  • I just tried to ping a couple of devices on the network but got timeouts. I used windows explorer "netwok" but can only see my local resources. Not the ones connected through the VPN. – user871962 Aug 05 '11 at 20:32
  • Can you connect to the resources on the VPN server (e.g. shares, printers, etc.)? If so, then you should look at the routing configuration for access to the rest of/intended portion of the network past the server. – user48838 Aug 05 '11 at 22:29
0

The problem doesn't appear to be with the VPN if you're getting connected. The problem appears to be with LAN routing. Have you enabled LAN Routing in the properties of the RRAS server?

joeqwerty
  • 108,377
  • 6
  • 80
  • 171
  • I might have not been so clear on my last answer. I am able to get a vpn connection to the server however, I am not able to see the server shares nor can I access any of the network resources. In other words I cannot ping active resources on the LAN. – user871962 Aug 06 '11 at 15:30
0

I am going to close out this question even though I have not fixed the problem. I am not seeing any convergence on an answer. I very much appreciate all of the responders time and input. I am going to spend the next day starting from ground zero an re-building the vpn connection. If I am still having problems I may open a new question. I know much more from everyone's suggestions and inputs. Again, thanks for all of your help.

Regards, Steve Mansfield

user871962
  • 129
  • 1
  • 4
  • 8