Gateway to Gateway VPN and SBS 2003

Discussion in 'Windows Small Business Server' started by Diviesh, Nov 9, 2006.

  1. Diviesh

    Diviesh Guest

    eI have set-up a Gateway to Gateway VPN(both Netgear FVS318v3) which appears
    to connect fine, i am able to ping from one end for the VPN(remote site) to
    the Wan nic on the server(main site) and from the server(main site) to the
    any machine on the remote site.

    However i am unable to comunicate from the Remote site to the Lan NIC on the
    server at the main site, this is required for drive mapping, exchange server,
    Remote mgmt, and remote assistants and any other domain functions.

    Is their anyway to enable communication between the Wan and Lan card so that
    the remote sites have full access to the domain.

    Main Site

    I have a Windows Small Business Server 2003 with 2 Network Cards - one for
    Wan and one for Lan

    Lan NIC IP is 192.168.16.2 and Wan 192.168.0.2

    Remote Site

    VPN Router(also used as DHCP) and a Test machine

    VPN Router address 192.168.3.1 Test Machine 192.168.3.2



    Regards

    Diviesh Morjaria
     
    Diviesh, Nov 9, 2006
    #1
    1. Advertisements

  2. Hi Diviesh,

    Your VPN tunnel endpoint is on the same subnet as your WAN nic, and you
    don't want that. When using hardware devices for the VPN tunnel, a single
    nic SBS is the way to go.
     
    Les Connor [SBS Community Member - SBS MVP], Nov 10, 2006
    #2
    1. Advertisements

  3. Hello Diviesh

    Thank you for posting here.

    From your post, I understand that you have a site to site VPN created by
    two Netgear Boxes and you want to make remote VPN client pass SBS 2003
    access internal domain.

    If this is your concern, please connect your Netgear vendors and ask for
    further assistance for this issue.

    In additional, if you wants the remote network to access the SBS internal
    network, you should configure the SBS/ISA Server as a single-NIC based
    machine. The network topology will then look like the following:

    {LAN/SBS}==={Netgear}==={Internet}==={Netgear}==={Remote LAN}

    All the site-to-site settings are configured on the router side and we
    don't need to configure any ISA settings (just need to simply run the CEICW
    Wizard after change the SBS box to uni-homed).

    I hope the information above is helpful.

    If there is anything else I can do for you, feel free to let me know.

    Best regards,

    Terence Liu(MSFT)

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    This newsgroup only focuses on SBS technical issues. If you have issues
    regarding other Microsoft products, you'd better post in the corresponding
    newsgroups so that they can be resolved in an efficient and timely manner.
    You can locate the newsgroup here:
    http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

    When opening a new thread via the web interface, we recommend you check the
    "Notify me of replies" box to receive e-mail notifications when there are
    any updates in your thread. When responding to posts via your newsreader,
    please "Reply to Group" so that others may learn and benefit from your
    issue.

    Microsoft engineers can only focus on one issue per thread. Although we
    provide other information for your reference, we recommend you post
    different incidents in different threads to keep the thread clean. In doing
    so, it will ensure your issues are resolved in a timely manner.

    For urgent issues, you may want to contact Microsoft CSS directly. Please
    check http://support.microsoft.com for regional support phone numbers.

    Any input or comments in this thread are highly appreciated.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    | Thread-Topic: Gateway to Gateway VPN and SBS 2003
    | thread-index: AccD5SAlPoSKTiPQReO3SEUr3AczAg==
    | X-WBNR-Posting-Host: 87.127.88.57
    | From: =?Utf-8?B?RGl2aWVzaA==?= <>
    | Subject: Gateway to Gateway VPN and SBS 2003
    | Date: Thu, 9 Nov 2006 01:55:02 -0800
    | Lines: 30
    | Message-ID: <>
    | MIME-Version: 1.0
    | Content-Type: text/plain;
    | charset="Utf-8"
    | Content-Transfer-Encoding: 7bit
    | X-Newsreader: Microsoft CDO for Windows 2000
    | Content-Class: urn:content-classes:message
    | Importance: normal
    | Priority: normal
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
    | Newsgroups: microsoft.public.windows.server.sbs
    | Path: TK2MSFTNGXA01.phx.gbl
    | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:311358
    | NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
    | X-Tomcat-NG: microsoft.public.windows.server.sbs
    |
    | eI have set-up a Gateway to Gateway VPN(both Netgear FVS318v3) which
    appears
    | to connect fine, i am able to ping from one end for the VPN(remote site)
    to
    | the Wan nic on the server(main site) and from the server(main site) to
    the
    | any machine on the remote site.
    |
    | However i am unable to comunicate from the Remote site to the Lan NIC on
    the
    | server at the main site, this is required for drive mapping, exchange
    server,
    | Remote mgmt, and remote assistants and any other domain functions.
    |
    | Is their anyway to enable communication between the Wan and Lan card so
    that
    | the remote sites have full access to the domain.
    |
    | Main Site
    |
    | I have a Windows Small Business Server 2003 with 2 Network Cards - one
    for
    | Wan and one for Lan
    |
    | Lan NIC IP is 192.168.16.2 and Wan 192.168.0.2
    |
    | Remote Site
    |
    | VPN Router(also used as DHCP) and a Test machine
    |
    | VPN Router address 192.168.3.1 Test Machine 192.168.3.2
    |
    |
    |
    | Regards
    |
    | Diviesh Morjaria
    |
     
    Terence Liu [MSFT], Nov 10, 2006
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.