Options

RAS connectivity problems

LexxdymondzLexxdymondz Member Posts: 356
I'm going to apologize first because this is going to be a long post to make sure I've covered all my bases.

I need to install a VPN server at my office because we will be having people connecting from the road. I have a Win2K server installed between my DSL modem the ISP gave me and the router on my internal network. The ISP ip addresses are static and can be pinged from the internet. I've installed 2 NIC cards one with one of the address from the ISP and the other connecting to my internal network. I install RAS as a remote access server with the default settings, no radius or anything else. For some reason I can't ping the ISP ip address once RAS is installed? Nor can i connect with a VPN connection. I am using the PPTP connections just FYI. I can establish a connection from my internal network to my RAS server, with ping and with the connection wizard making a vpn connection. When I uninstall RAS I can again ping the ip address from the internet. I've have not set up any filters and have granted access to the server. I'm really at a loss and read numerous white papers from microsoft but still cannot find an answer to my problem.

In short:
I can ping the ISP IP address from the internet when RAS is not configured.
When RAS is configured I cannot ping or connect from the internet.
When RAS is configured I can ping and connect from my internal network.

Anyone have any ideas?

Comments

  • Options
    ajs1976ajs1976 Member Posts: 1,945 ■■■■□□□□□□
    Actually you installed RRAS, not just RAS. My guess is the Routing part is interfering.

    Sorry I can't give more help then that right now.
    Andy

    2020 Goals: 0 of 2 courses complete, 0 of 2 exams complete
  • Options
    LexxdymondzLexxdymondz Member Posts: 356
    Sorry for not explaining that better i installed Routing and Remote Access as a Remote Access Server. I'm not sure why the routing would turn off ICMP response on the one NIC card, but then again i don't have too much experience with this. I'm still reading everything from microsoft's website I can get my hands on. If anyone has any other ideas or has come across this before ANY help would definitely be appreciated.
  • Options
    rossonieri#1rossonieri#1 Member Posts: 799 ■■■□□□□□□□
    have you specify which port route the internal network to internet and vice versa? or have correctly configure vpn access in your w2k ras? how about your vpn client config - have you specify ip address they will connect to?? some vpn key points that you might want to check : routing config, vpn access, firewall if any, client ip address assign by dhcp or staticly specify etc...
    the More I know, that is more and More I dont know.
  • Options
    LexxdymondzLexxdymondz Member Posts: 356
    The real problem lies in the fact that before I install Routing and Remote Access I can ping the external ip address from the internet, but as soon as I go through the wizard to confiure Remote Access Server, I can no longer ping the ip address from the internet. I haven't even made it far enough to connect a client machine, because without the ping response the client will fail to connect anyway (I have tried this). I am about to try and change out the external NIC card and see if it will remedy the problem.

    I would say that I've correctly configured RAS because I can establish a VPN connection from my internal network using the external IP address in the VPN client. The problem lies that I cannot connect to the external IP address from the internet. Also checked the DSL router to see if it is blocking ports or filtering but it is completely open.

    I'm still stumped?????? icon_study.gif
  • Options
    rossonieri#1rossonieri#1 Member Posts: 799 ■■■□□□□□□□
    i'm sorry, but try to look again in your w2k ras - maybe you have accidently configure NAT - your internal client is assigned local subnet ip so it would have no difficulties reaching your server, but since misconfigure NAT can change your ip ( either public/private ) i would consider it a cause... so your ras server cant ping your isp. and vice versa the outer world cant ping your w2k ras server... try to ping your ras server from any pc via the internet - if your server respons then your config is 80% correct and the rest you might configure later .
    the More I know, that is more and More I dont know.
  • Options
    LexxdymondzLexxdymondz Member Posts: 356
    Found the problem.

    I did not set the NAS-Port-Type attribute to VPN in my remote access policy. I also did not add a filter to allow ICMP packets.

    Information was found on microsofts website (VPN white papers) and also in sybex 70-216 study guide. Thanks for the ideas, I appreciate the help.
  • Options
    rossonieri#1rossonieri#1 Member Posts: 799 ■■■□□□□□□□
    are you talking about policy or just connectivity? because currently there are no standard on vpn implementation...
    the More I know, that is more and More I dont know.
Sign In or Register to comment.