Discussion:
Cannot Ping Remote office VPN clients
(too old to reply)
fieldy
2007-04-13 13:28:01 UTC
Permalink
Hello,

I have after a lot of help from the group (Thank Leythos) and late nights
managed to set up a router-to-router VPN connection between 2 Netgear
FVS318's (1 on SBS net and one at remote office location) All seems to be
working apart from slow printing?

What i cannot do however is ping any of the remote clients from the SBS
network, but can do the reverse on the remote network. I have set up A
records in DNS for the remote machines and a reverse lookup, but still cannot
ping-does anyone have any ideas what i might be doing wrong?

Thanks so much,

Paul
Lanwench [MVP - Exchange]
2007-04-13 13:42:12 UTC
Permalink
Post by fieldy
Hello,
I have after a lot of help from the group (Thank Leythos) and late
nights managed to set up a router-to-router VPN connection between 2
Netgear FVS318's (1 on SBS net and one at remote office location) All
seems to be working apart from slow printing?
What i cannot do however is ping any of the remote clients from the
SBS network, but can do the reverse on the remote network. I have set
up A records in DNS for the remote machines
You shouldn't need to do that, if the remote office computers have your SBS
server's LAN IP as their sole DNS server. They should be registering
automatically in DNS. In fact, if they belong to the domain, you might want
to put a DC/DNS server in there.
Post by fieldy
and a reverse lookup, but
still cannot ping-does anyone have any ideas what i might be doing
wrong?
Check the firewalls on the remote clients.
Post by fieldy
Thanks so much,
Paul
fieldy
2007-04-13 14:38:02 UTC
Permalink
Thanks for reply. What should i check on the Firewall of the remote clients?
I also cannot ping via machine name and only IP address?

I have the remote clients configured with DNS pointing to the LAN address of
the SBS server.

I would also like to speed up the connection-would that entail throwing more
upstream bandwidth at the connection?

Thanks again,

Paul
Post by fieldy
Hello,
I have after a lot of help from the group (Thank Leythos) and late nights
managed to set up a router-to-router VPN connection between 2 Netgear
FVS318's (1 on SBS net and one at remote office location) All seems to be
working apart from slow printing?
What i cannot do however is ping any of the remote clients from the SBS
network, but can do the reverse on the remote network. I have set up A
records in DNS for the remote machines and a reverse lookup, but still cannot
ping-does anyone have any ideas what i might be doing wrong?
Thanks so much,
Paul
Lanwench [MVP - Exchange]
2007-04-13 15:29:42 UTC
Permalink
Post by fieldy
Thanks for reply. What should i check on the Firewall of the remote clients?
Check for inbound ICMP settings ..
http://msdn2.microsoft.com/en-us/library/ms912869.aspx

If you have joined the remote workstations to the domain using
http://servername/connectcomputer, you may need to change the firewall
exceptions in group policy so they don't apply only to the local subnet.
Post by fieldy
I also cannot ping via machine name and only IP address?
Then your DNS isn't working right. If you type

ping machinename

and don't get

pinging machinename.domain.local

in reply, it's trying to resolve the name via broadcast (and it won't work
over the VPN connection). (You might also wish to use WINS, note.)
Post by fieldy
I have the remote clients configured with DNS pointing to the LAN
address of the SBS server.
Good- but what DNS suffix? It should be domain.local or whatever you use for
AD.... if you're using the remote NetGear for DHCP on that network, make
sure it's giving out the right info. Remove the manually-created records you
created in your DNS server's forward lookup zone and try

ipconfig /registerdns

on a client, which ought to register itself in DNS.

Once you've tried all this you might post an unedited ipconfig /all from one
of the clients, and from your server.
Post by fieldy
I would also like to speed up the connection-would that entail
throwing more upstream bandwidth at the connection?
I'm presuming you're using ADSL? I personally like SDSL much better for a
business connection.
Post by fieldy
Thanks again,
Paul
Post by fieldy
Hello,
I have after a lot of help from the group (Thank Leythos) and late
nights managed to set up a router-to-router VPN connection between 2
Netgear FVS318's (1 on SBS net and one at remote office location)
All seems to be working apart from slow printing?
What i cannot do however is ping any of the remote clients from the
SBS network, but can do the reverse on the remote network. I have
set up A records in DNS for the remote machines and a reverse
lookup, but still cannot ping-does anyone have any ideas what i
might be doing wrong?
Thanks so much,
Paul
Jim Behning SBS MVP
2007-04-14 03:34:32 UTC
Permalink
I have some long tales at my blog that expands on some of LW's info.
http://msmvps.com/blogs/bgb/archive/2006/05/16/95140.aspx
I alos have some other ramblings in my blog that may help you.

On Fri, 13 Apr 2007 11:29:42 -0400, "Lanwench [MVP - Exchange]"
Post by Lanwench [MVP - Exchange]
Post by fieldy
Thanks for reply. What should i check on the Firewall of the remote clients?
Check for inbound ICMP settings ..
http://msdn2.microsoft.com/en-us/library/ms912869.aspx
If you have joined the remote workstations to the domain using
http://servername/connectcomputer, you may need to change the firewall
exceptions in group policy so they don't apply only to the local subnet.
Post by fieldy
I also cannot ping via machine name and only IP address?
Then your DNS isn't working right. If you type
ping machinename
and don't get
pinging machinename.domain.local
in reply, it's trying to resolve the name via broadcast (and it won't work
over the VPN connection). (You might also wish to use WINS, note.)
Post by fieldy
I have the remote clients configured with DNS pointing to the LAN
address of the SBS server.
Good- but what DNS suffix? It should be domain.local or whatever you use for
AD.... if you're using the remote NetGear for DHCP on that network, make
sure it's giving out the right info. Remove the manually-created records you
created in your DNS server's forward lookup zone and try
ipconfig /registerdns
on a client, which ought to register itself in DNS.
Once you've tried all this you might post an unedited ipconfig /all from one
of the clients, and from your server.
Post by fieldy
I would also like to speed up the connection-would that entail
throwing more upstream bandwidth at the connection?
I'm presuming you're using ADSL? I personally like SDSL much better for a
business connection.
Post by fieldy
Thanks again,
Paul
Post by fieldy
Hello,
I have after a lot of help from the group (Thank Leythos) and late
nights managed to set up a router-to-router VPN connection between 2
Netgear FVS318's (1 on SBS net and one at remote office location)
All seems to be working apart from slow printing?
What i cannot do however is ping any of the remote clients from the
SBS network, but can do the reverse on the remote network. I have
set up A records in DNS for the remote machines and a reverse
lookup, but still cannot ping-does anyone have any ideas what i
might be doing wrong?
Thanks so much,
Paul
fieldy
2007-04-15 12:12:02 UTC
Permalink
Thanks Jim-that did the trick. I had to register them agin in DNS and all is
now good !!!

Now all i have to worry about is the speed issues. I did see a post that
mentioned that if you changed encryption to DES instead if 3DES, that would
help a little?

I will also look into pushing some more upstream to the connection (384kbps
at moment)

Appreciate the help,

Fieldy
Post by Jim Behning SBS MVP
I have some long tales at my blog that expands on some of LW's info.
http://msmvps.com/blogs/bgb/archive/2006/05/16/95140.aspx
I alos have some other ramblings in my blog that may help you.
On Fri, 13 Apr 2007 11:29:42 -0400, "Lanwench [MVP - Exchange]"
Post by Lanwench [MVP - Exchange]
Post by fieldy
Thanks for reply. What should i check on the Firewall of the remote clients?
Check for inbound ICMP settings ..
http://msdn2.microsoft.com/en-us/library/ms912869.aspx
If you have joined the remote workstations to the domain using
http://servername/connectcomputer, you may need to change the firewall
exceptions in group policy so they don't apply only to the local subnet.
Post by fieldy
I also cannot ping via machine name and only IP address?
Then your DNS isn't working right. If you type
ping machinename
and don't get
pinging machinename.domain.local
in reply, it's trying to resolve the name via broadcast (and it won't work
over the VPN connection). (You might also wish to use WINS, note.)
Post by fieldy
I have the remote clients configured with DNS pointing to the LAN
address of the SBS server.
Good- but what DNS suffix? It should be domain.local or whatever you use for
AD.... if you're using the remote NetGear for DHCP on that network, make
sure it's giving out the right info. Remove the manually-created records you
created in your DNS server's forward lookup zone and try
ipconfig /registerdns
on a client, which ought to register itself in DNS.
Once you've tried all this you might post an unedited ipconfig /all from one
of the clients, and from your server.
Post by fieldy
I would also like to speed up the connection-would that entail
throwing more upstream bandwidth at the connection?
I'm presuming you're using ADSL? I personally like SDSL much better for a
business connection.
Post by fieldy
Thanks again,
Paul
Post by fieldy
Hello,
I have after a lot of help from the group (Thank Leythos) and late
nights managed to set up a router-to-router VPN connection between 2
Netgear FVS318's (1 on SBS net and one at remote office location)
All seems to be working apart from slow printing?
What i cannot do however is ping any of the remote clients from the
SBS network, but can do the reverse on the remote network. I have
set up A records in DNS for the remote machines and a reverse
lookup, but still cannot ping-does anyone have any ideas what i
might be doing wrong?
Thanks so much,
Paul
Continue reading on narkive:
Loading...