+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 29
Windows Server 2008 Thread, PPTP VPN Connection in Technical; Hi, I'm having problems with a VPN connection between two sites. Both sites run server 08 and both are using ...
  1. #1

    Join Date
    Mar 2009
    Location
    Ayrshire, Scotland
    Posts
    78
    Thank Post
    8
    Thanked 5 Times in 5 Posts
    Rep Power
    12

    PPTP VPN Connection

    Hi,

    I'm having problems with a VPN connection between two sites. Both sites run server 08 and both are using Routing and Remote Access with NAT. My setup is similar to this


    WORKSTATION.A <--> SERVER.A <----> ROUTER <------- (INTERNET) -------> ROUTER <----> SERVER.B <-->WORKSTATION.B+
    192.168.20.0 20.1 / 200.1 <-> 200.254 <--(Here lives the dragons)--> 100.254 <-> 100.1 / 10.1 <-->192.168.10.0


    All Subnets are /24. At the moment, Workstation A can ping Workstation B and server B. Workstation B can ping Workstation A and Server A.
    ServerA cannot ping ServerB (and vise versa). Each server can connect to each other network shares by \\[RemoteServerIP]

    Things I've tried/done
    • Restarting both servers
    • Reseting both routers to factory defaults
    • Replacing both routers
    • Tested this setup on another network I manage which both have server 2003 and both servers could ping no problem. (however NAT is not being used in this situation)
    • Recreating VPN
    • Recrearing NAT interface
    • Allowed all ports from both remote subnets through the firewalls
    • Disabled Domain Firewall. (Group policy wouldnt let me disable private and public however I set "machine settings/dministrative templates/network/network connections/windows firewall to disabled.


    They VPN is used for SQL, File and print sharing, Exchange<->Outlook.

    When trying to RDP to the remote server from Workstation
    Any help would be much appreached as I need this fixed as soon as. Even if someone to explain in detail how to allow all traffic through windows firewall as I have a strong suspicion this is related to the FW. Even if you tell me how to completely disable the FW all together as I can only find how to diable Domain Network in Group Policy. (I know it's in there somewhere! I've seen it before!)


    Many Thanks,
    Fraser

  2. #2

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,144
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    Hi Fraser

    What exactly is the issue?

    Server A and Server B cannot ping each other?
    Can't RDP ? What is the exact issue with RDP?

    Sukh

  3. #3

    Join Date
    Mar 2009
    Location
    Ayrshire, Scotland
    Posts
    78
    Thank Post
    8
    Thanked 5 Times in 5 Posts
    Rep Power
    12
    Quote Originally Posted by sukh View Post
    Hi Fraser

    What exactly is the issue?

    Server A and Server B cannot ping each other?
    Can't RDP ? What is the exact issue with RDP?

    Sukh
    I think the firewalls are the cause here and are preforming some sort of blocking one one of the interfaces or something? This did work before, and as far as I'm aware, no settings have been changed.

    Both servers cannot ping each other
    ServerA cannot connect to Server's B SQL
    Both servers cannot RDP to each other
    Both servers CAN browse each other's network shares using \\IP_Address

    WorkstationA to WorkstationB is fine, (RDP, ICMP, etc)
    Workstations cannot RDP to remote server (have only tried on way actually)
    Workstation can however ping remote server

    I've opened/disabled the firewall's as much as I can ("some settings are control by group policy", but I've checked through all policies and removed all FW related settings. Also ran GPupdate /force)



    Sorry, I know this seems a bit of a mess (I've just taken the systems over) If I can completely remove all firewall rules then I think i may be one step closer to the solution.


    Thank you
    Fraser

  4. #4

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,144
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    Hi

    Are you in a position to disable the firewalls to test? If, so, we can at least start from there and work on firewall if this is the issue?

    Sukh

  5. #5

    Join Date
    Mar 2009
    Location
    Ayrshire, Scotland
    Posts
    78
    Thank Post
    8
    Thanked 5 Times in 5 Posts
    Rep Power
    12
    Yes. Need this sorted as soon as. I'll be home in about 30mins so will be able to do some testing/modifications then.

    I also tried setting a group policy setting (cant remember the exact one/name) to disable the firewalls but it didn't help. I am on very slow internet just now so cant go googling for it. Think it was like prevent firewall on interface and set it to disabled to stopped the firewall processes.

    Edit: It was this Windows Firewall: Protect all network connections to Disabled.

    I have tried recreating the VPN's and NAT interfaces. Im 95% sure this problem is firewall related. Just need to completely disable and remove all FW group policy settings first and if it works, build up security from there.


    Thank you so much for your help. Just took over these servers last week you see.


    Fraser

  6. #6

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,144
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    Hi

    I'm assuming you have two nic's on each MS Windows 2008 server?

    When configuring RRAS did you disbable static packets which is set by default on the interfaces?

    Sukh

  7. #7

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,144
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    Hi

    Sent you PM.

    Sukh

  8. #8

    Join Date
    Mar 2009
    Location
    Ayrshire, Scotland
    Posts
    78
    Thank Post
    8
    Thanked 5 Times in 5 Posts
    Rep Power
    12
    Quote Originally Posted by sukh View Post
    I'm assuming you have two nic's on each MS Windows 2008 server?
    That is correct
    Quote Originally Posted by sukh View Post
    When configuring RRAS did you disbable static packets which is set by default on the interfaces?

    Sukh

    Ehh... Not sure. How/Where would I find out?


    P.S. No PM received?

  9. #9

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,144
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    Hi

    Check again (PM). I also didn't receive a reply back from your post.

    Sukh

  10. #10

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,144
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    Hi

    Please try the following for troubleshooting:
    1. On the server, open Routing and Remote Access from Administrative Tools.
    2. Right click the server name and select “Disable Routing and Remote Access”.
    3. After we disable it, right click and select “Configure and Enable Routing and Remote Access”.
    4. Follow the wizard and select VPN.
    5. When selecting the network that connects to Internet, ensure we de-select “Enable security on the selected interface by setting up static packets filtering”.
    6. Finish the reset of the wizard and check whether we are able to connect or not.

    Sukh

  11. Thanks to sukh from:

    Fraser-09 (1st May 2011)

  12. #11

    Join Date
    Mar 2009
    Location
    Ayrshire, Scotland
    Posts
    78
    Thank Post
    8
    Thanked 5 Times in 5 Posts
    Rep Power
    12
    Quote Originally Posted by sukh View Post
    Hi

    Please try the following for troubleshooting:
    1. On the server, open Routing and Remote Access from Administrative Tools.
    2. Right click the server name and select “Disable Routing and Remote Access”.
    3. After we disable it, right click and select “Configure and Enable Routing and Remote Access”.
    4. Follow the wizard and select VPN.
    5. When selecting the network that connects to Internet, ensure we de-select “Enable security on the selected interface by setting up static packets filtering”.
    6. Finish the reset of the wizard and check whether we are able to connect or not.

    Sukh
    On both servers yeah?

  13. #12

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,144
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    Hi

    Try on both yes.

    Sukh

  14. #13

    Join Date
    Mar 2009
    Location
    Ayrshire, Scotland
    Posts
    78
    Thank Post
    8
    Thanked 5 Times in 5 Posts
    Rep Power
    12
    Quote Originally Posted by sukh View Post
    Hi

    Try on both yes.

    Sukh

    Sorry, not too sure where I'm doing this...

    Is it "Route IP Packets on this Interface" I'm de-selecting?
    or at the screen to add static route's do I enter none?


    I dont see any options regarding security

    Thank you

  15. #14

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,144
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    When selecting the network that connects to Internet, ensure we de-select “Enable security on the selected interface by setting up static packets filtering”.


    Confirm you are using Windows 2008?

    Sukh

  16. #15

    Join Date
    Mar 2009
    Location
    Ayrshire, Scotland
    Posts
    78
    Thank Post
    8
    Thanked 5 Times in 5 Posts
    Rep Power
    12
    Im sorry, I must be missing something. Tried both options of the wizard (VPN + NAT and Secure connection between two networks) and both say nothing about security on the interfaces.

    Yes, using Server 2008 Foundation and Server 2008 SBS Std.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Replies: 2
    Last Post: 21st February 2010, 10:03 PM
  2. VPN Connection from Inside
    By karldenton in forum Windows
    Replies: 1
    Last Post: 25th January 2010, 02:28 PM
  3. detect vpn connection
    By firefighting in forum How do you do....it?
    Replies: 3
    Last Post: 15th July 2009, 12:02 AM
  4. PPTP VPN and Censornet
    By OutToLunch in forum *nix
    Replies: 2
    Last Post: 23rd January 2008, 05:25 PM
  5. VPN connection with internet connection option
    By FN-GM in forum Wireless Networks
    Replies: 6
    Last Post: 29th December 2007, 07:19 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •