Sign in with
Sign up | Sign in
Your question

Problem with VPN

Tags:
  • VPN
  • Internet Explorer
  • Networking
Last response: in Networking
Share
Anonymous
August 11, 2004 9:22:00 PM

Archived from groups: comp.dcom.vpn (More info?)

I have a user who just signed up for Bellsouth Fastconnect DSL.

We use the native VPN in Windows XP professional on his PC in order to
connect to our system. He uses Outlook 2003 & Internet Explorer when
connected to our system.

When VPN is set up, it's a garden variety install, taking default settings
after specifying our vpn server name.

He can connect, and outlook functions fine. However, the problem is
Internet Explorer.

Once he's connected via VPN to our system, Outlook works fine, he can see
public folders and everything he should see. However, the problem is
getting to our website. He cannot access our website by it's external name.
If he tries, he doesn't even get the NT Challenge Response box - it just
goes straight to a DNS error on the web browser.

If he tries connecting using the server name (not the external web server
name), it works fine.

If he disconnects from VPN, if he tries our external web server name, it
works fine there also.

That made me think that the problem was VPN and NOT the web browser, since
it'd work outside of VPN.

We have 1 other user who has a similar problem, and have not been able to
resolve either of them. Both users have the proper permissions, and they
are the same as about a hundred other users. Getting to our website from
internally using the external web address name works fine for everyone else.

I checked to see if he had a stray DNS or WINS in his setup, and he didn't.
It was the same as mine, which works exactly as it should.

Any ideas????

Help!!

BC

More about : problem vpn

Anonymous
August 11, 2004 9:22:01 PM

Archived from groups: comp.dcom.vpn (More info?)

The Windows VPN puts you into the that network, ie your corp net and
Unless you allow his inbound traffic to go back "OUT" then he won't be
able to connect to external world...

I have several clients I VPN into, some I can continue to access sites
outside of thier networks while others I can't

Blasting Cap wrote:

> I have a user who just signed up for Bellsouth Fastconnect DSL.
>
> We use the native VPN in Windows XP professional on his PC in order to
> connect to our system. He uses Outlook 2003 & Internet Explorer when
> connected to our system.
>
> When VPN is set up, it's a garden variety install, taking default settings
> after specifying our vpn server name.
>
> He can connect, and outlook functions fine. However, the problem is
> Internet Explorer.
>
> Once he's connected via VPN to our system, Outlook works fine, he can see
> public folders and everything he should see. However, the problem is
> getting to our website. He cannot access our website by it's external name.
> If he tries, he doesn't even get the NT Challenge Response box - it just
> goes straight to a DNS error on the web browser.
>
> If he tries connecting using the server name (not the external web server
> name), it works fine.
>
> If he disconnects from VPN, if he tries our external web server name, it
> works fine there also.
>
> That made me think that the problem was VPN and NOT the web browser, since
> it'd work outside of VPN.
>
> We have 1 other user who has a similar problem, and have not been able to
> resolve either of them. Both users have the proper permissions, and they
> are the same as about a hundred other users. Getting to our website from
> internally using the external web address name works fine for everyone else.
>
> I checked to see if he had a stray DNS or WINS in his setup, and he didn't.
> It was the same as mine, which works exactly as it should.
>
> Any ideas????
>
> Help!!
>
> BC
>
>
>
>
>
Anonymous
August 12, 2004 12:23:54 PM

Archived from groups: comp.dcom.vpn (More info?)

Kirk -

the thing is, the website he is trying to get to is accessible for everyone
as the same URL, www.myserver.com - whether they're inside the intranet or
outside on the internet. It works for practically everyone but him & one
other person.

Our corporate, public website is accessible to both of them.

BC




"Kirk Goins" <kgoins@aracnet.com> wrote in message
news:cfecb402lls@enews2.newsguy.com...
> The Windows VPN puts you into the that network, ie your corp net and
> Unless you allow his inbound traffic to go back "OUT" then he won't be
> able to connect to external world...
>
> I have several clients I VPN into, some I can continue to access sites
> outside of thier networks while others I can't
>
> Blasting Cap wrote:
>
> > I have a user who just signed up for Bellsouth Fastconnect DSL.
> >
> > We use the native VPN in Windows XP professional on his PC in order to
> > connect to our system. He uses Outlook 2003 & Internet Explorer when
> > connected to our system.
> >
> > When VPN is set up, it's a garden variety install, taking default
settings
> > after specifying our vpn server name.
> >
> > He can connect, and outlook functions fine. However, the problem is
> > Internet Explorer.
> >
> > Once he's connected via VPN to our system, Outlook works fine, he can
see
> > public folders and everything he should see. However, the problem is
> > getting to our website. He cannot access our website by it's external
name.
> > If he tries, he doesn't even get the NT Challenge Response box - it just
> > goes straight to a DNS error on the web browser.
> >
> > If he tries connecting using the server name (not the external web
server
> > name), it works fine.
> >
> > If he disconnects from VPN, if he tries our external web server name, it
> > works fine there also.
> >
> > That made me think that the problem was VPN and NOT the web browser,
since
> > it'd work outside of VPN.
> >
> > We have 1 other user who has a similar problem, and have not been able
to
> > resolve either of them. Both users have the proper permissions, and
they
> > are the same as about a hundred other users. Getting to our website
from
> > internally using the external web address name works fine for everyone
else.
> >
> > I checked to see if he had a stray DNS or WINS in his setup, and he
didn't.
> > It was the same as mine, which works exactly as it should.
> >
> > Any ideas????
> >
> > Help!!
> >
> > BC
> >
> >
> >
> >
> >
>
Anonymous
August 12, 2004 8:15:27 PM

Archived from groups: comp.dcom.vpn (More info?)

The key here is Users that are "inside" to start with vs users that
start "outside" and are now inside via VPN.

I don't know all the details of the how and whys but what I have seen is
this and it may have to do with SPOOFING addresses.

#1 Users with a real inside address (say 10.x.x.x) seen coming from
inside the real network and they can get to the outside world just fine.
Firewall(s) etc see traffic in 1 port and out another and that's OK.

#2 Outside users via VPN also have a 10.x.x.x but the firewalls and
routers know it's truly not a device from inside. When data like a
request to browse a website (even yahoo.com) outside the the internal
network the firewall sees it as packets from the outside trying to go
back ouot the same port and many firewall don't allow this...

Now all the above assumes that this user can't get to "any" external
website.

If all else fails try a traceroute to see where it's getting stopped




Blasting Cap wrote:
> Kirk -
>
> the thing is, the website he is trying to get to is accessible for everyone
> as the same URL, www.myserver.com - whether they're inside the intranet or
> outside on the internet. It works for practically everyone but him & one
> other person.
>
> Our corporate, public website is accessible to both of them.
>
> BC
>
>
>
>
> "Kirk Goins" <kgoins@aracnet.com> wrote in message
> news:cfecb402lls@enews2.newsguy.com...
>
>>The Windows VPN puts you into the that network, ie your corp net and
>>Unless you allow his inbound traffic to go back "OUT" then he won't be
>>able to connect to external world...
>>
>>I have several clients I VPN into, some I can continue to access sites
>>outside of thier networks while others I can't
>>
>>Blasting Cap wrote:
>>
>>
>>>I have a user who just signed up for Bellsouth Fastconnect DSL.
>>>
>>>We use the native VPN in Windows XP professional on his PC in order to
>>>connect to our system. He uses Outlook 2003 & Internet Explorer when
>>>connected to our system.
>>>
>>>When VPN is set up, it's a garden variety install, taking default
>
> settings
>
>>>after specifying our vpn server name.
>>>
>>>He can connect, and outlook functions fine. However, the problem is
>>>Internet Explorer.
>>>
>>>Once he's connected via VPN to our system, Outlook works fine, he can
>
> see
>
>>>public folders and everything he should see. However, the problem is
>>>getting to our website. He cannot access our website by it's external
>
> name.
>
>>>If he tries, he doesn't even get the NT Challenge Response box - it just
>>>goes straight to a DNS error on the web browser.
>>>
>>>If he tries connecting using the server name (not the external web
>
> server
>
>>>name), it works fine.
>>>
>>>If he disconnects from VPN, if he tries our external web server name, it
>>>works fine there also.
>>>
>>>That made me think that the problem was VPN and NOT the web browser,
>
> since
>
>>>it'd work outside of VPN.
>>>
>>>We have 1 other user who has a similar problem, and have not been able
>
> to
>
>>>resolve either of them. Both users have the proper permissions, and
>
> they
>
>>>are the same as about a hundred other users. Getting to our website
>
> from
>
>>>internally using the external web address name works fine for everyone
>
> else.
>
>>>I checked to see if he had a stray DNS or WINS in his setup, and he
>
> didn't.
>
>>>It was the same as mine, which works exactly as it should.
>>>
>>>Any ideas????
>>>
>>>Help!!
>>>
>>>BC
>>>
>>>
>>>
>>>
>>>
>>
>
>
!