VPN Client sees LAN machines, no conflicts, but no ping

Forum for all technical support and trouble shooting of the WinGate VPN.

Moderator: Qbik Staff

VPN Client sees LAN machines, no conflicts, but no ping

Postby drjohn999 » Jan 11 07 7:05 pm

The VPN server is Win 2003 Server SP1 with Wingate 6.2.0, no other known problems seen.

LAN is on two subnets; 192.168.0.1 for wired and 192.168.1.1 for wireless. These work OK; able to browse, see shares, ping, etc. amongst all machines in here.

WAN is on two fixed IP adapters. One is the internet gateway adapter; other is for the VPN. The server runs IIS with sharepoint and also terminal services. Again, no problems are encountered in here.

Wingate runs NAT plus email SMTP, POP, IMAP servers with no problems. The NT user database is used, and NTLM authentication is enabled for the various mail servers. The ENS policies are open to all (don't need restrictions here).

The VPN is set to accept authenticated members of Administrators.

OK, so when I connect to the VPN from a client laptop (Win XP Pro), I get the negotiated VPN connection right away. There are no routing conflicts; all of the LAN computer names are there; those that are actually present stay enabled.

From here I'm stuck -- I can't browse them, and I can't ping them. Ping returns "Ping request could not find host abcdefg." NETBios over TCP/IP is on, and MSoft printer / file sharing is enabled for the client.

I'm not sure I want to enable printer/file sharing at the server. And shouldn't the VPN just pass such traffic through anyway on its own ports?

It's not clear from the other posts in here whether Win2003 server does or does not include, either by default or after manual installation, RIP2, nor where to find it if it's there (I've looked in Add/Remove Windows components and its not there).

There is some mention of RIP in the context of setting Win2K3 up for DHCP, DNS, NAT, etc, but that's what I'm using Wingate for in the first place.

Any suggestions? The way things are now, I'm forced to come into the server on a remote session, then initiate a nested remote session to get to an inside computer, to do things (print, that I'd like to do directly by VPN.

Thanks,

John
drjohn999
 
Posts: 33
Joined: Feb 09 04 11:38 am

Postby jamesc » Jan 16 07 3:40 pm

1. The Windows Firewall is best disabled in the Windows **Services** for the sake of testing if you deem it safe. If that resolves the issue then you can turn it back on and add the scope of the remote subnets into the firewall rules on the LAN Clients that are needed. If you have any other personal firewall installed round the place then disable them for the sake of testing if you deem it safe.


2. Regarding your RIP2 question, this definition may help.

VPN Participants:
LAN Clients behind the WinGate VPN Host (Server) or Joiner (Client) that do not run WinGate/VPNOnly Software. To participate in the VPN they will either:

a) Have their default gateways pointing to the WinGate VPN Joiner/Host on their respective side.
b) OR they will run the QBIK Rip2 Utility Service to automatically discover the routes. http://downloads.qbik.com/qbiknz2/downl ... client.zip
c) OR they will turn on RIP2 on the router, so the router knows to redirect VPN traffic back to the local WinGateVPN installation (Usually on a scenario that WinGate is not their default gateway and do not want to run Qbik RIP2 Utility).
d) Create static routes.


3. When troubleshooting VPN connectivity then use ip address instead of NetBIOS names.

For example:

You are trying to access a VPN Participants called "johnspc" and the ip address of that computer is 192.168.1.100

To test pinging with a NetBIOS name:
(Windows) Start menu --> run --> cmd --> ping johnspc

To test pinging with an ip address:
(Windows) Start menu --> run --> cmd --> ping 192.168.1.100

To test accessing a file share with a NetBIOS name:
(Windows) Start menu --> run --> \\johnspc

To test accessing a file share with an ip address:
(Windows) Start menu --> run --> \\192.168.1.100
jamesc
Qbik Staff
 
Posts: 928
Joined: Apr 04 05 2:04 pm
Location: Auckland, New Zealand

VPN Client sees LAN machines, no conflicts, but no ping

Postby drjohn999 » Jan 19 07 11:17 am

Thanks for the help James,

I just emailed you a description of the setup here, which I'd be happy to post in this forum as well.

In short, I've tried all of these suggestions without success.

Pinging by IP address comes back unreachable.

Question: will running WGIC on the LAN clients help?

I'm awaiting further suggestions.

-- John
drjohn999
 
Posts: 33
Joined: Feb 09 04 11:38 am

VPN Client sees LAN machines, no conflicts, but no ping

Postby drjohn999 » Jan 25 07 8:42 am

Thanks again James,

Testing on the test VPN server helped resolve the problem to two causes: a subnet address conflict and a firewall on the LAN PCs that was blocking incoming NetBIOS traffic.

One more question: I can't find a way to remove the VPN connection listed in Wingate for the test VpN server -- it's of no further use to me.

-- John
drjohn999
 
Posts: 33
Joined: Feb 09 04 11:38 am

Postby jamesc » Jan 25 07 1:47 pm

It is good to know the solution was found.


Image
jamesc
Qbik Staff
 
Posts: 928
Joined: Apr 04 05 2:04 pm
Location: Auckland, New Zealand


Return to WinGate VPN

Who is online

Users browsing this forum: No registered users and 22 guests

cron