Hi. We are using a Cisco PIX firewall and have remote workstations
terminate on the PIX which is sitting in front of our internal network.
The PIX VPN is working correctly and we are able to ping internal
workstations and internal workstations can ping the external clients.
Unfortunately the external clients are unable to contact the SBS2k3 server
in any way, including pings. Our normal internal network range is 10.0.0.x
255.255.255.0, and when VPN clients connect into the network they are
allocated 10.0.2.x 255.255.255.0 as recommended by Cisco, with the PIX
handling the routing between. Since the external clients can contact all
other internal systems apart from the Server, the only thing I can think of
is that the server by default will only respond to clients on the same
internal subnet? The server internal address is 10.0.0.10 255.255.255.0
and external 192.168.1.10 255.255.255.0.
Can anyone suggest what would cause the SBS2k3 server to ignore the VPN
clients even though internal XP Workstations which are on the same subnet
can see the VPN clients?
Along similar lines we are unsure if we will have a problem with the SP2
Firewall. Unfortunately we can't test this until we resolve why the VPN
clients can't contact the server once connected. We are using the Cisco VPN
client to connect to the PIX firewall which is working fine. When the
remote user is connecting via VPN the firewall is operating in non-domain
mode. When the VPN connection is present we are concerned that, although the
system will be connected to the domain, the firewall will continue to operate
in non-domain and block access to the server.
Can anyone suggest whether this would be the case?
Stuart Mackie [MCP, MSP]