Registered users    
MembershipMembership:
Latest New UserLatest:Martin Baker
New TodayNew Today:4
New YesterdayNew Yesterday:7
User CountOverall:23063
Private messaging    
You must be logged in to use this module.
Top 10 posters    
NamePosts
Mariette Knap12622
Marina Roos12280
Eriq Neale2105
Michael Patrick1906
Stan Guinn1840
Robert Pearman1724
Nick Pieters1425
Stewart Brown609
Kevin D.563
william warren548
Welcome unauthorized visitor    
If you want to join us in the discussions on this forum you need to register first. Registration is free! If you are already a registered user please login to join the forum.
Small Business Server Support Forum    
Forums > Microsoft Smallbusiness Server > Remote Access
Subject: Can't access the Private Side
Prev Next
You are not authorized to post a reply.

Author Messages
Jim Brubaker User is Offline
United States
Member since
10/12/2007

Registered Users
Posts: 2
10/12/2007 02:49 AM  
Here is my network config. I have been going crazy trying to find the solution...
 
I have a SBS 2003 R2 with 2 Nics. One is connected to the Cisco Router, One is connected to the Network Switch. My inside address is 192.168.0.1, outside (to the Cisco Router) is 10.10.10.2 (Router is 10.10.10.1). Cisco Router is connected to the Interent, and has DMVPN that is working between with a Tunnel up between other Cisco Routers at remote locations.
 
I can ping and access desktops at remote locations from the 192.168.0.0 subnet, but I cannot access file shares on the 192.168.0.0 subnet from remote locations. I can RDP to the 10.10.10.2 side of the SBS with only the Tunnel up, but cannot RDP to the 192.168.0.1 NIC unless I first create a VPN to the Server.
 
I am thinking what I need to do is to open a port on the 10.10.10.2 NIC in RRAS, but perhaps I need to create a static route, I am not sure. Any suggestions are greatly appreciated....
robert pearman User is Offline
United Kingdom
Member since
2/23/2007

Platinum Membership
Posts: 1724
10/12/2007 03:42 PM  
this could either be a routing issue with your cisco boxes, or a firewall issue on the sbs box.

Jim Brubaker User is Offline
United States
Member since
10/12/2007

Registered Users
Posts: 2
10/12/2007 08:42 PM  
From the way that you can ping the 10.10.10.2 interface from outside a remote network but not the 192.168.0.1 interface, my assumption is that it is with the firewall. I have the firewall in RRAS disabled, but still with no success.
 
I can even remote desktop to a different 192.168.0.0 network machine without a VPN, with only the tunnel in place between the Cisco routers.
 
I am assuming that there is a port in the SBS that need to be opened to allow communication between the 10.10.10.0 side and the 192.168.0.0 side. It is what seems reasonable.
 
I have tried allowing ports 135, 138, & 139 by creating rules on the 10.10.10.2 interface in RRAS, but still no reply from the 192.168.0.1 interface.
 
Thanks again for any help...
Marina Roos User is Offline
The Netherlands
Member since
3/24/2005

Forum Admins
Posts: 12280
5/09/2008 11:07 PM  
Hi Jim,

Did you figure this out yet?
Marina Roos Smallbizserver.Net AdministratorMission accomplished. We have joined the branch office to our SBS 2003 Headquarters and have the same user experience on the branch office as we have on our local  network at the Headquarters. Want to know how? Signup up for a subscription and get instant access to the article series 'How to add an additional Domain Controller from a remote office to the SBS domain'
RI Roche User is Offline
United Kingdom
Member since
4/12/2005

Platinum Membership
Posts: 12
6/11/2008 06:01 PM  
Hello Jim,

I have a very similar problem but with the following differences:
head office funning sbs2000 2 NICs. I do not have a server in the remote office - I want to connect the two remote workstations via an IPSec VPN tunnel between two Draytek Vigor ADSL routers. This leaves me PPTP free for remote admin. I do not want to use RRAS as it is not always on and I am running an app over Termianl Services.

Like you, I can ping the server public side but cannot reach the internal IP range.

Any suggestions?

Iain Roche
Marina Roos User is Offline
The Netherlands
Member since
3/24/2005

Forum Admins
Posts: 12280
7/17/2008 04:21 AM  
Hi Iain,
 
You will never be able to achieve that if you are using 2 nics in the SBS server, as the VPN tunnel is terminating at the external side of the network.
Marina Roos Smallbizserver.Net AdministratorMission accomplished. We have joined the branch office to our SBS 2003 Headquarters and have the same user experience on the branch office as we have on our local  network at the Headquarters. Want to know how? Signup up for a subscription and get instant access to the article series 'How to add an additional Domain Controller from a remote office to the SBS domain'
You are not authorized to post a reply.
Forums > Microsoft Smallbusiness Server > Remote Access > Can't access the Private Side


ActiveForums 3.7
Forum policy    
These Discussion Forums are dedicated to the discussion of the Small Business Server and related server and client software. For the benefit of the community please observe the following posting guidelines:
  1. No Advertising. This includes promotion of commercial products and non-commercial products which are not directly related to Small Business Server and related server and client software.
  2. No Flaming or Trolling.
  3. No Profanity, Racism, or Prejudice.
  4. Site Moderators have the final word on approving/removing a thread or post or comment.
Copyright 2002-2008 Concentrix b.v.    :   Page generated in 0.2500032 seconds.   :   Terms Of Use   :   Privacy Statement