Issue with SBS 2003 & clients on different subnets

[kevnich2]

I agree with spidey on this one, it definately sounds like a DNS resolution issue.

 

[nweaver]

Originally posted by: Kaido

Originally posted by: spidey07

I think it's a lost cause. He won't listen.

But posting the exact results of those tests would point the compass in the right direction.

I just haven't had a chance to yet - I'm testing the VPN connection from home using the VPN router, and everytime I switch between it and my wireless router, I get a new IP address since I'm using cable with a dynamic IP from my ISP. Even using the VPN client software to get in, I can't change the IP address due to the way the webpage is setup over a remote connection. I have to wait for someone to get into work to change it for me. End result, I have to wait until tomorrow for someone to hook up the connection for me. Be patient 🙂

What IP are you trying to change?

 

[Kaido]

Originally posted by: kevnich2
I agree with spidey on this one, it definately sounds like a DNS resolution issue.

Results of nslookup:

*** Can't find server name for address 192.168.253.2: Non-existent domain
*** Default servers are not available
Default Server: UnKnown
Address: 192.168.253.2

So it's not seeing the DNS setup. Our VPN is configured properly; we can ping the server @ 192.168.253.2 from the 192.168.11.x subnet. Do we need to add the 11.x subnet to the DNS listing somehow? Edit: I can also ping SERVER.mycompany.local...

Also, does anyone know how to enable users to disable the Windows firewall on a domain? I cannot disable the Windows firewall on networked workstations, even after editing the group policy on the server.

 

[Kaido]

Originally posted by: nweaver

What IP are you trying to change?

Basically you punch in the remote IP of the router you're trying to connect on the local router; that's how it knows where to point the tunnel to (along with some other security-related info). I have a wireless router that I use for my family's network at home, but I have to unplug the modem and plug it back in to get it to work with the VPN router I am testing here. Everytime I do that it gives me a new IP, which means that it has to be updated on the remote router. Edit: Changed a setting on the router to allow for remote administration; that solved the hanging problem when I'd go into the Advanced button on my VPN connection, so now I can change all the features I want myself. Whoohoo! 😀

 

[nweaver]

this is DNS related. You cannot talk to your SBS server via DNS. That is required. It's time to start checking firewalls and stuff, and if you can't find a quick easy problem to fix, it's time to break out the old school hub and Wireshark.

 

[Kaido]

Originally posted by: nweaver
this is DNS related. You cannot talk to your SBS server via DNS. That is required. It's time to start checking firewalls and stuff, and if you can't find a quick easy problem to fix, it's time to break out the old school hub and Wireshark.

Yeah, it's strange - as long as you're on the same subnet as the server (192.168.253.x), you can access the DNS. Otherwise for all intents and purposes it doesn't exist 😛

 

[Kaido]

Quick update - got things partially working. 4 firewalls and several router settings later I can somehow browse the domain. Using nslookup, I cannot "see" the domain - I can ping the IP, I can ping SERVER, I can ping SERVER.mycompany.local, but I cannot ping mycompany.local. nslookup still gives me the same thing, non-existant domain. However, I can browse the domain over the VPN, print to printers, see shared folders on the domain, and I even show up on the domain. We've played with firewalls, vpn, rras, the routing table, etc., done everything by the book, nada. So somehow I can access what I need to without actually seeing the domain. Awesome! 😀

 

[nweaver]

Originally posted by: Kaido
Quick update - got things partially working. 4 firewalls and several router settings later I can somehow browse the domain. Using nslookup, I cannot "see" the domain - I can ping the IP, I can ping SERVER, I can ping SERVER.mycompany.local, but I cannot ping mycompany.local. nslookup still gives me the same thing, non-existant domain. However, I can browse the domain over the VPN, print to printers, see shared folders on the domain, and I even show up on the domain. We've played with firewalls, vpn, rras, the routing table, etc., done everything by the book, nada. So somehow I can access what I need to without actually seeing the domain. Awesome! 😀

check DNS, you may not have a record for mycompany.local as a valid name (no A Name record)

if you can ping myserver.mycomany.local you are good.

 

[Kaido]

Originally posted by: nweaver

Originally posted by: Kaido
Quick update - got things partially working. 4 firewalls and several router settings later I can somehow browse the domain. Using nslookup, I cannot "see" the domain - I can ping the IP, I can ping SERVER, I can ping SERVER.mycompany.local, but I cannot ping mycompany.local. nslookup still gives me the same thing, non-existant domain. However, I can browse the domain over the VPN, print to printers, see shared folders on the domain, and I even show up on the domain. We've played with firewalls, vpn, rras, the routing table, etc., done everything by the book, nada. So somehow I can access what I need to without actually seeing the domain. Awesome! 😀

check DNS, you may not have a record for mycompany.local as a valid name (no A Name record)

if you can ping myserver.mycomany.local you are good.

I'll check when I go into today...we can ping mycompany.local from inside the network but not via VPN. I'm just happy that it works, so thanks for your help everybody! 🙂