VPN and SP2 issue

G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

I am running a Win2k3 vpn server for over a year with no problems. The VPN
server is multi-homed and on the trusted side it is on our corporate
segment. We also have a number of segments in our data center that are
accessible via the corporate segement. A non-SP2 windows XP client that
connects to the VPN server is able to access everything in the data center
as well. A SP2 Windows XP client can only access the corporate segement.
attempts to access the data center time out. The client used to get a
default route set for the VPN connection. That does not appear to be
happening anymore, which keeps the client from knowing how to route to any
other segment.

Matt
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

"nogo@nospam.nospam" wrote:

> I am running a Win2k3 vpn server for over a
year with no problems. The VPN
> server is multi-homed and on the trusted
side it is on our corporate
> segment. We also have a number of segments in
our data center that are
> accessible via the corporate segement. A non-SP2
windows XP client that
> connects to the VPN server is able to access
everything in the data center
> as well. A SP2 Windows XP client can only
access the corporate segement.
> attempts to access the data center time
out. The client used to get a
> default route set for the VPN connection.
That does not appear to be
> happening anymore, which keeps the client from
knowing how to route to any
> other segment.
>
> Matt
>
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

set a jstub and 0 cert to host and recieve
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Hi Matt. I am having the exact same issue. My temporary
solution was to have the clients enter a ROUTE ADD
command. I don't know what Microsoft changed in SP2 but it
used to work great in Windows 2000 and XP SP1. If you come
up with a permanent solution please post it here. Thanks.
Corbin.

>-----Original Message-----
>I am running a Win2k3 vpn server for over a year with no
problems. The VPN
>server is multi-homed and on the trusted side it is on
our corporate
>segment. We also have a number of segments in our data
center that are
>accessible via the corporate segement. A non-SP2 windows
XP client that
>connects to the VPN server is able to access everything
in the data center
>as well. A SP2 Windows XP client can only access the
corporate segement.
>attempts to access the data center time out. The client
used to get a
>default route set for the VPN connection. That does not
appear to be
>happening anymore, which keeps the client from knowing
how to route to any
>other segment.
>
>Matt
>
>
>.
>
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

This sounds like a good candidate for Microsoft PSS support for SP2 issues,
which is free:

http://support.microsoft.com/default.aspx?scid=fh;en-us;Prodoffer80&sd=GN


"Corbin O'Reilly" <corbinoreilly@bellsouth.net> wrote in message
news:2a9201c4aa19$a1654750$a301280a@phx.gbl...
> Hi Matt. I am having the exact same issue. My temporary
> solution was to have the clients enter a ROUTE ADD
> command. I don't know what Microsoft changed in SP2 but it
> used to work great in Windows 2000 and XP SP1. If you come
> up with a permanent solution please post it here. Thanks.
> Corbin.
>
>>-----Original Message-----
>>I am running a Win2k3 vpn server for over a year with no
> problems. The VPN
>>server is multi-homed and on the trusted side it is on
> our corporate
>>segment. We also have a number of segments in our data
> center that are
>>accessible via the corporate segement. A non-SP2 windows
> XP client that
>>connects to the VPN server is able to access everything
> in the data center
>>as well. A SP2 Windows XP client can only access the
> corporate segement.
>>attempts to access the data center time out. The client
> used to get a
>>default route set for the VPN connection. That does not
> appear to be
>>happening anymore, which keeps the client from knowing
> how to route to any
>>other segment.
>>
>>Matt
>>
>>
>>.
>>
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

I found a link in the sp2 list of fixes....

http://support.microsoft.com/?kbid=331816

it doesn't solve the problem, but it can give you an idea of what they
changed......good luck


<nogo@nospam.nospam> wrote in message
news:ujlwE3ZqEHA.2764@TK2MSFTNGP11.phx.gbl...
>I am running a Win2k3 vpn server for over a year with no problems. The VPN
>server is multi-homed and on the trusted side it is on our corporate
>segment. We also have a number of segments in our data center that are
>accessible via the corporate segement. A non-SP2 windows XP client that
>connects to the VPN server is able to access everything in the data center
>as well. A SP2 Windows XP client can only access the corporate segement.
>attempts to access the data center time out. The client used to get a
>default route set for the VPN connection. That does not appear to be
>happening anymore, which keeps the client from knowing how to route to any
>other segment.
>
> Matt
>
 

matt

Distinguished
Apr 2, 2004
321
0
18,780
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

I took Bill's advice and have posted this to PSS. I have been using the
route add workaround for now. I will post any fix I get.

<nogo@nospam.nospam> wrote in message
news:ujlwE3ZqEHA.2764@TK2MSFTNGP11.phx.gbl...
>I am running a Win2k3 vpn server for over a year with no problems. The VPN
>server is multi-homed and on the trusted side it is on our corporate
>segment. We also have a number of segments in our data center that are
>accessible via the corporate segement. A non-SP2 windows XP client that
>connects to the VPN server is able to access everything in the data center
>as well. A SP2 Windows XP client can only access the corporate segement.
>attempts to access the data center time out. The client used to get a
>default route set for the VPN connection. That does not appear to be
>happening anymore, which keeps the client from knowing how to route to any
>other segment.
>
> Matt
>
 

jeff

Distinguished
Apr 5, 2004
1,172
0
19,280
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

I too am having this very issue. We've been successfully connecting remote
clients for over a year and now XP SP2 users can connect but not see any
subnets other than the subnet of their vpn connection. Immediately after a
connection I can do a route print and see the route I've configured on the
RRAS server. I can even start to ping remote subnets, but after about six
replies it dies and then the route is no longer in the list. I've created
this batch file to lookup the interface number and then add the route. It
works but I don't like this solution becuase it's just a hack. We need a
fix!

for /f "tokens=1,2" %%i in ('route print^|find "WAN"') do route add 10.0.0.0
mask 255.0.0.0 10.1.11.1 metric 1 IF %%i

Anyone who gets a solution please post it.

Thanks Jeff


"nogo@nospam.nospam" wrote:

> I am running a Win2k3 vpn server for over a year with no problems. The VPN
> server is multi-homed and on the trusted side it is on our corporate
> segment. We also have a number of segments in our data center that are
> accessible via the corporate segement. A non-SP2 windows XP client that
> connects to the VPN server is able to access everything in the data center
> as well. A SP2 Windows XP client can only access the corporate segement.
> attempts to access the data center time out. The client used to get a
> default route set for the VPN connection. That does not appear to be
> happening anymore, which keeps the client from knowing how to route to any
> other segment.
>
> Matt
>
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Is this a PPTP or a L2TP-based VPN?
---
Jeffrey Randow (Windows Networking MVP)
jeffreyr-support@remotenetworktechnology.com

Please post all responses to the newsgroups for the benefit
of all USENET users. Messages sent via email may or may not
be answered depending on time availability....

Remote Networking Technology Support Site -
http://www.remotenetworktechnology.com
Windows Network Technology Community -
http://www.microsoft.com/windowsserver2003/community/centers/networking/default.mspx
Windows Home Networking Community -
http://www.microsoft.com/windowsxp/expertzone/communities/wireless.mspx

On Tue, 7 Dec 2004 11:21:06 -0800, "Jeff"
<Jeff@discussions.microsoft.com> wrote:

>I too am having this very issue. We've been successfully connecting remote
>clients for over a year and now XP SP2 users can connect but not see any
>subnets other than the subnet of their vpn connection. Immediately after a
>connection I can do a route print and see the route I've configured on the
>RRAS server. I can even start to ping remote subnets, but after about six
>replies it dies and then the route is no longer in the list. I've created
>this batch file to lookup the interface number and then add the route. It
>works but I don't like this solution becuase it's just a hack. We need a
>fix!
>
>for /f "tokens=1,2" %%i in ('route print^|find "WAN"') do route add 10.0.0.0
>mask 255.0.0.0 10.1.11.1 metric 1 IF %%i
>
>Anyone who gets a solution please post it.
>
>Thanks Jeff
>
>
>"nogo@nospam.nospam" wrote:
>
>> I am running a Win2k3 vpn server for over a year with no problems. The VPN
>> server is multi-homed and on the trusted side it is on our corporate
>> segment. We also have a number of segments in our data center that are
>> accessible via the corporate segement. A non-SP2 windows XP client that
>> connects to the VPN server is able to access everything in the data center
>> as well. A SP2 Windows XP client can only access the corporate segement.
>> attempts to access the data center time out. The client used to get a
>> default route set for the VPN connection. That does not appear to be
>> happening anymore, which keeps the client from knowing how to route to any
>> other segment.
>>
>> Matt
>>
>>
>>
 

jeff

Distinguished
Apr 5, 2004
1,172
0
19,280
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

We are using PPTP. I can attempt this using L2TP and see if I get the same
result. I'm out of town this week but will attempt it when I get back.

"Jeffrey Randow (MVP)" wrote:

> Is this a PPTP or a L2TP-based VPN?
> ---
> Jeffrey Randow (Windows Networking MVP)
> jeffreyr-support@remotenetworktechnology.com
>
> Please post all responses to the newsgroups for the benefit
> of all USENET users. Messages sent via email may or may not
> be answered depending on time availability....
>
> Remote Networking Technology Support Site -
> http://www.remotenetworktechnology.com
> Windows Network Technology Community -
> http://www.microsoft.com/windowsserver2003/community/centers/networking/default.mspx
> Windows Home Networking Community -
> http://www.microsoft.com/windowsxp/expertzone/communities/wireless.mspx
>
> On Tue, 7 Dec 2004 11:21:06 -0800, "Jeff"
> <Jeff@discussions.microsoft.com> wrote:
>
> >I too am having this very issue. We've been successfully connecting remote
> >clients for over a year and now XP SP2 users can connect but not see any
> >subnets other than the subnet of their vpn connection. Immediately after a
> >connection I can do a route print and see the route I've configured on the
> >RRAS server. I can even start to ping remote subnets, but after about six
> >replies it dies and then the route is no longer in the list. I've created
> >this batch file to lookup the interface number and then add the route. It
> >works but I don't like this solution becuase it's just a hack. We need a
> >fix!
> >
> >for /f "tokens=1,2" %%i in ('route print^|find "WAN"') do route add 10.0.0.0
> >mask 255.0.0.0 10.1.11.1 metric 1 IF %%i
> >
> >Anyone who gets a solution please post it.
> >
> >Thanks Jeff
> >
> >
> >"nogo@nospam.nospam" wrote:
> >
> >> I am running a Win2k3 vpn server for over a year with no problems. The VPN
> >> server is multi-homed and on the trusted side it is on our corporate
> >> segment. We also have a number of segments in our data center that are
> >> accessible via the corporate segement. A non-SP2 windows XP client that
> >> connects to the VPN server is able to access everything in the data center
> >> as well. A SP2 Windows XP client can only access the corporate segement.
> >> attempts to access the data center time out. The client used to get a
> >> default route set for the VPN connection. That does not appear to be
> >> happening anymore, which keeps the client from knowing how to route to any
> >> other segment.
> >>
> >> Matt
> >>
> >>
> >>
>
>
 

jeff

Distinguished
Apr 5, 2004
1,172
0
19,280
Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

I get the same result using L2TP.

"Jeffrey Randow (MVP)" wrote:

> Is this a PPTP or a L2TP-based VPN?
> ---
> Jeffrey Randow (Windows Networking MVP)
> jeffreyr-support@remotenetworktechnology.com
>
> Please post all responses to the newsgroups for the benefit
> of all USENET users. Messages sent via email may or may not
> be answered depending on time availability....
>
> Remote Networking Technology Support Site -
> http://www.remotenetworktechnology.com
> Windows Network Technology Community -
> http://www.microsoft.com/windowsserver2003/community/centers/networking/default.mspx
> Windows Home Networking Community -
> http://www.microsoft.com/windowsxp/expertzone/communities/wireless.mspx
>
> On Tue, 7 Dec 2004 11:21:06 -0800, "Jeff"
> <Jeff@discussions.microsoft.com> wrote:
>
> >I too am having this very issue. We've been successfully connecting remote
> >clients for over a year and now XP SP2 users can connect but not see any
> >subnets other than the subnet of their vpn connection. Immediately after a
> >connection I can do a route print and see the route I've configured on the
> >RRAS server. I can even start to ping remote subnets, but after about six
> >replies it dies and then the route is no longer in the list. I've created
> >this batch file to lookup the interface number and then add the route. It
> >works but I don't like this solution becuase it's just a hack. We need a
> >fix!
> >
> >for /f "tokens=1,2" %%i in ('route print^|find "WAN"') do route add 10.0.0.0
> >mask 255.0.0.0 10.1.11.1 metric 1 IF %%i
> >
> >Anyone who gets a solution please post it.
> >
> >Thanks Jeff
> >
> >
> >"nogo@nospam.nospam" wrote:
> >
> >> I am running a Win2k3 vpn server for over a year with no problems. The VPN
> >> server is multi-homed and on the trusted side it is on our corporate
> >> segment. We also have a number of segments in our data center that are
> >> accessible via the corporate segement. A non-SP2 windows XP client that
> >> connects to the VPN server is able to access everything in the data center
> >> as well. A SP2 Windows XP client can only access the corporate segement.
> >> attempts to access the data center time out. The client used to get a
> >> default route set for the VPN connection. That does not appear to be
> >> happening anymore, which keeps the client from knowing how to route to any
> >> other segment.
> >>
> >> Matt
> >>
> >>
> >>
>
>