Internal VPN client- connects to remote vpn site - Using RDP and gets redirects to localhost

Internal VPN client- connects to remote vpn site - Using RDP and gets redirects to localhost

Post by Henri » Wed, 25 Apr 2007 04:22:57


Hi,

Im using a SBS 2003Sp1 R2 Premium.

An internal client is trying to use RDP to a computer on a customers network
using VPN.

My user connects successfully with the vpn client to the customers network.
Starts the RDP client but gets redirected to localhost.

Trying the same scenario with a computer not added to our own SBS 2003
domain (workgroup) the scenario works.

Why and how do I solve this with apppropriate solution?
It sounds like a local policy (computer) such as a possible change on the
local FW...

Greatfull for help!

Kind Regards

Henrik
 
 
 

Internal VPN client- connects to remote vpn site - Using RDP and gets redirects to localhost

Post by Clau » Wed, 25 Apr 2007 05:05:29

After the client is connected to the VPN do an ipconfig /all and have a look
at the IP configuration under the VPN. Is the subnet by any chance the same
subnet as your own LAN? Would be a coincident but quite possible as a lot of
setups are done with default settings. If the subnets are different, post
the result of your ipconfig /all from the workstation and from your SBS box.

--
Claus

 
 
 

Internal VPN client- connects to remote vpn site - Using RDP and gets redirects to localhost

Post by v-jalu » Wed, 25 Apr 2007 21:07:17

Hi Henrik,


Thanks for posting here.

From the description, I understand the issue is that computer that have
joined the domain gets redirected to localhost when using RDP.but the
computer in workgroup work fine. If I am off base, please don't hesitate to
let me know.

Let us refer to the following steps to troubleshoot the issue:

It look like a FWC (ISA firewall client) issue.

1.Please disable the FWC on computer that have joined the domain,and then
reestablish the VPN connection again and test the RDP connection, will the
problem be resolved?

2.Please configure the "SBS Internet Access Rule" to apply to "All Users"
instead of "SBS Internet Users" in ISA Server.


I appreciate your time. I am happy to be of assistance and look forward to
your reply.



Have a nice day!

Best regards,

Jacky Luo (MSFT)
Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security
====================================================
PLEASE NOTE: The partner managed newsgroups are provided to
assist with break/fix issues and simple how to questions.
We also love to hear your product feedback! Let us know what you think by
posting

from the web interface: Partner Feedback
from your newsreader: microsoft.private.directaccess.partnerfeedback.

We look forward to hearing from you!
====================================================
When responding to posts, please "Reply to Group" via your newsreader
so that others may learn and benefit from this issue.
====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
====================================================
 
 
 

Internal VPN client- connects to remote vpn site - Using RDP and gets redirects to localhost

Post by McAlla » Thu, 26 Apr 2007 20:14:31

Thanks Jacky.

I have tried your suggestions , some already before poting here, and It does
not help.
Right now Im waiting out the cusstomer who has had some kind of routing
problem so I will post back ipconfig results asap.

//Henrik
 
 
 

Internal VPN client- connects to remote vpn site - Using RDP and gets redirects to localhost

Post by v-jalu » Thu, 26 Apr 2007 23:17:06

Hi Henrik,


Thanks for posting back.

It is likely related to ISA server,Please stop all ISA related service to
see if it make any difference.

Please paste the ipconfig/all on the client and server. and explain some
network topology in your scenario. especially subnet


Have a nice day!

Best regards,

Jacky Luo (MSFT)
Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security
====================================================
PLEASE NOTE: The partner managed newsgroups are provided to
assist with break/fix issues and simple how to questions.
We also love to hear your product feedback! Let us know what you think by
posting

from the web interface: Partner Feedback
from your newsreader: microsoft.private.directaccess.partnerfeedback.

We look forward to hearing from you!
====================================================
When responding to posts, please "Reply to Group" via your newsreader
so that others may learn and benefit from this issue.
====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
====================================================
 
 
 

Internal VPN client- connects to remote vpn site - Using RDP and gets redirects to localhost

Post by McAlla » Fri, 27 Apr 2007 16:50:25

Hi, heres some data..

The clients IP config... a question, sholud the external Interface have
internal DNS and Wins configuerd? I havent noticed these settings
untill now... ihavent checked them since a clean reinstall 6 months ago.

DHCP activated . . . . . . . . . : Yes
Autokonfiguration activated . . . : Yes
IP-adress . . . . . . . . . . . . : 192.168.3.24
Nmask . . . . . . . . . . . . . : 255.255.255.0
Standard-gateway . . . . . . . . : 192.168.3.10
DHCP-server . . . . . . . . . . . : 192.168.3.10
DNS-servrar . . . . . . . . . . . : 192.168.3.10
Prim WINS-server . . . . . . . : 192.168.3.10

Heres the servers data

Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.3.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.3.10
Primary WINS Server . . . . . . . : 192.168.3.10

Ethernet adapter External Network Connection:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 83.227.148.196
Subnet Mask . . . . . . . . . . . : 255.255.255.192
Default Gateway . . . . . . . . . : 83.227.148.193
DNS Servers . . . . . . . . . . . : 192.168.3.10
Primary WINS Server . . . . . . . : 192.168.3.10

The other is not much to explain.

My client listed above are using a vpn client software to connect to a vpn
gateway at a customers site.
If i connect a linksys wireless router and completly bypasses the SBS 2003
server the connection with the vpn client is successfull.

But passing thru the SBS 2003 server / ISA the connection fails.
The appliance at the customers site is an older Vacman and the software is a
Smartpass Radius software.

My subnet is only one subnet that you can se in the settings above.
Nr of clients is 10. I have disabled the local windows fw on the clients for
testing is this matter with no results.
 
 
 

Internal VPN client- connects to remote vpn site - Using RDP and gets redirects to localhost

Post by v-jalu » Fri, 27 Apr 2007 22:49:51

Hi Henrik,


Thanks for posting back.

your network configuration have no problem,the external Interface sholud
have internal DNS and Wins configuerd.

It is most likely related to ISA server on the SBS server,Please stop all
ISA related service to see if it make any difference.you can also check all
the ISA policy and rules.

If issue persists,rerun CEICW,

825763 How to configure Internet access in Windows Small Business Server
2003

http://www.yqcomputer.com/


In addition,what's the other difference(configuration and software
installed) between workgroup machine and domain machine?



Have a nice day!

Best regards,

Jacky Luo (MSFT)
Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security
====================================================
PLEASE NOTE: The partner managed newsgroups are provided to
assist with break/fix issues and simple how to questions.
We also love to hear your product feedback! Let us know what you think by
posting

from the web interface: Partner Feedback
from your newsreader: microsoft.private.directaccess.partnerfeedback.

We look forward to hearing from you!
====================================================
When responding to posts, please "Reply to Group" via your newsreader
so that others may learn and benefit from this issue.
====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
====================================================