|
|
Question : Problem: Cannot access some network resources over MS Server 2003 VPN.
|
|
Need to replace Watchguard PPTP connections with Server 2003 as Watchguard will only support 50 users and there are approx. 125. Configured RAS (maybe incorrectly) and can connect the PPTP VPN. Can ping and RDC to the DC/RAS by IP address but not FQDN - always. Can ping and RDC to terminal server by IP only - rarely. CANNOT ping or connect Outlook to the exchange server - always. Client picks up DHCP IP address. DNS is set manually but client tries to ping external IP when using FQDNs unless added to hosts file. Have routed PPTP traffic via NAT to the DC on the Watchguard. Have enabled NETBIOS over TCP/IP on client and server. Have checked/unchecked default gateway. Have tried same subnets and different subnets on the NICs. Have tried banging my head against the wall. Would ideally like to restrict VPN traffic to only authentication, terminal traffic and Outlook to Exchange. But frankly, would just like it to work.
MS Server 2003 R2 x64 Standard SP1 on the DC. Two NICs. MS Server 2003 Standard SP1 on the Exchange server and the file server. MS Server Enterprise 2003 on the terminal server. Symantec 8200 series mail gateway appliance. Watchguard Firebox X1250e running fireware pro 8.3.
|
Answer : Problem: Cannot access some network resources over MS Server 2003 VPN.
|
|
Connecting multiple software clients from one site will not work with many VPN solutions as they do not support NAT-T. RRAS as far as I know is one of these. Connecting from multiple sites is no problem. When you have multiple users at one remote site the best option is a hardware site-to-site VPN solution. Allows for numerous connections, better performance , and better security.
Thanks for updating. Cheers, --Rob
|
|
|