Problem accessing PCs when connected using VPN

Discussion in 'Server Networking' started by Richard Kimberley, Sep 18, 2005.

  1. We currently have two servers, each running Windows 2003 Small Business
    Server. Both servers are for different domains at the moment as we
    eventually want to move everything to the second server.

    The setup is as follows:

    SERVER01 - domain1.local
    SERVER02 - domain2.local

    All client computers are running Windows XP Pro and are on the SERVER01
    domain. The SERVER02 machine is sitting doing nothing at present, it simply
    has a shared folder on it which is accessable from the XP client machines.

    All this works fine and th shared folder on SERVER02 does what it's intended
    which is simple file sharing.

    The problem arises when a workstation connected to SERVER01 via a VPN
    connection tries to access the shared folder on SERVER02. The error is
    simply that SERVER02 cannot be found. Yet when the same client connects
    using the LAN directly, it can access the same shard folder on SERVER02
    perfectly well.

    Also, the client connected via VPN can communicate with all the Win XP
    client PCs on the LAN. Yet it sees SERVER02 as non existant! SERVER02's IP
    address can be pinged ok from the client connected using VPN.

    Has anyone got any ideas of how to solve this problem?

    Any help would be eternally appreciated!


    Richard Kimberley, Sep 18, 2005
    1. Advertisements

  2. Richard Kimberley

    Ian Guest

    Can you open the server whilst connected using the VPN by using the IP
    Address rather than the name?

    Are the 2 domain's in different Subnets?

    Are you using WINS?
    Ian, Sep 18, 2005
    1. Advertisements

  3. The situation now is that I can access the shared folders on the VPN server
    and I can ping the VPN server's IP and hostname.

    I can't however access or ping any other computer on the LAN other than the
    server. Any ideas?


    Richard Kimberley, Sep 19, 2005
  4. Richard Kimberley

    Ian Guest

    Are you using RRAS? Have you enabled routing between the 2 subnets? or
    do you have another device routing between the subnets?

    Can you ping server02 from server01? Is server01 your RRAS Server?

    Have you setup any routes to go between these subnets?
    Ian, Sep 19, 2005
  5. Yes I'm using RRAS. I haven't enabled routing between the two subnets (I
    assume we re talking about the VPN subnet and the LAN subnet?)

    Server02 can be ping's from Server01, yes. Server01 is the RRAS server.

    I don't know how to seyup routes between the subnets. Very new to all this!
    Any help would be very much appreciated.

    Richard Kimberley, Sep 19, 2005
  6. Richard Kimberley

    Ian Guest

    What device is in the "VPN Subnet"?, Is one of your server's multihomed?

    Whatever device is in the VPN Subnet answering VPN Calls needs to have
    an ip route to the Lan Subnet in order for traffic to flow.
    Ian, Sep 19, 2005
  7. Hi Ian,

    Bear with me on this one, I'm not familiar with the terms used.

    The LAN is using IP address range 192.168.0.x on subnet

    Server01 is (only one network card present)
    Server02 is
    LAN clients are
    The ADSL router is (also the DHCP server)

    The VPN connection is to the Server01 and the DLink ADSL Modem/router has
    the IP routing set up to forward incoming VPN connections to Server01.

    The VPN subnet appears to be

    Does this help at all? How do I provide VPN calls a route to te LAN subnet?

    Sorry to be a pain on this one, it's all totally new to me :)


    Richard Kimberley, Sep 20, 2005
  8. Richard Kimberley

    Ian Guest

    Hi Rich,

    Just read this post from the beginning again as i think we have missed a
    few steps.

    When connected using the VPN Connection - can you contact the other XP
    desktops by using IP address other than the computer name?

    If so - there is a setting in Routing and Remote Access to enable
    Broadcast Name Resolution (Right Click the server object, goto
    properties, select IP, Broadcast name resolution box is at the bottom of
    the screen). - Only do this if you can ping the IP addresses of the xp
    desktops from the VPN Client.

    Ian, Sep 20, 2005
  9. Hi Ian,

    Many thanks for your help mate.

    Right, the VPN client cannot ping any other XP machine on the LAN. The VPN
    client can ping the VPN server's LAN IP.
    Broadcast Name Resolution is ticked.

    So basicaly, I am unable to ping any other PC on the LAN from the VPN client
    by IP (and of course by name).

    Any thoughts?


    Richard Kimberley, Sep 24, 2005
  10. Richard Kimberley

    Ian Guest

    No Worries,

    Is enable IP Routing enabled (Same screen as broadcast name resolution -
    at the top)

    What IP Address is being issued to your vpn clients

    Ian, Sep 24, 2005
  11. Hi Ian,

    IP Routing is enabled.

    When typing IPCONFIG /ALL on the VPN client, it gives the following:

    DHCP Server Enabled: NO
    IP Address:
    Subnet Mask:
    Default Gateway:
    DNS Servers:
    Primary WINS Server:

    The LAN IP of the server is
    The IP Address of the ADSL router is
    The Subnet of the LAN is

    Should the subnet of the VPN be as opposed to
    ?? If not, how do I change this? Just a thought!!

    Any ideas?


    Richard Kimberley, Sep 24, 2005
  12. Richard Kimberley

    Ian Guest

    Is Firewall enabled on the RRAS server?
    Ian, Sep 24, 2005
  13. I'm not sure, I think so. How exactly do I check? Can't seem to find any way
    of viewing firewall settings?
    Richard Kimberley, Sep 25, 2005
  14. Sussed it!!

    While I was looking for the firewall, I found in the properties of the
    network card "Allow NetBIOS over TCP/IP"

    Ticked that and I could then ping all the other workstations on the LAN from
    the VPN client both by name and IP !!

    Only thing I can't do is ping by name my other server on the LAN.

    The second server is on a different domain which is currently not used. It
    does however have a shared folder on it which can be accessed by all the
    machines on the LAN. The VPN cluient only seems to be able to access it by
    IP. Is there any way I can set it to work using name instead of IP ?

    The second server is (
    Its name is SERVER02.domain2.local (the other is SERVER01.domain1.local)

    Cheers :)
    Richard Kimberley, Sep 25, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.