2 servers and 3 nics = pain of my life

Hi there,

I have already posted in the Windows XP forum - tbh - i think that was
incorrect for my issue - thanks to Robert L. (MS-MVP) for his suggestions,
however i feel posting in the right forum/discussion group can only aid my
cause in end to resolve my issue if possible.

In a nutshell, i have two sites linked via a vpn

Site A Server:

Two Nic's:

One nic is plugged into the router with an address of

192.168.15.2
255.255.255.0
192.168.15.254 (gw)

The other nic is plugged into the local network and has the following address

192.168.16.1
255.255.255.0
(No gateway set)


Site B Server

One nic plugged into the switch (router plugged into switch)

192.168.44.8
255.255.255.0
192.168.44.29 (gw)


Now i can sit at site B and open a rdp connection to Site A's server
(192.168.15.2)

If i try from site B to access via rdp again, only this time going for site
A's other nic's address 192.168.16.1 - it fails.

If i rdp onto site A's 192.168.15.2 - then from within the sessions desktop
i open the following:

Start \ Run

\\192.168.16.1

...........it opens it own network shares - which is expected

if i repeat the process, entering the other nic address of \\192.168.15.2 it
fails - (could not open network share msg)

If i repeat the process, only entering the address of site A's server,
\\192.168.44.8 - it opens it - after authentication.

Going in the other direction, rdp to Site B, then trying to reach
\\192.168.16.1 - fails

trying to reach \\192.168.15.2 displays an authentication requestor - which
i cannot seem to get past - all authentication attempts just seem to
fail/ignore.



It sounds far down the line, but my end goal is to allow Citrix users to
print on their local printers.

Citrix is hosted at site B and the clients and their printers are hosted at
site A - i cannot install the printers into Citrix as i cannot reach them...

i feel that this all can be fixed with the addition to site A's routing
table, but my brain turns to fudge when i try to think about it...


Any help would be gratefully appreciated...

Is the Site A server DC? Do you setup Windows VPN or 3rd party VPN? Have you
enabled the IP routing on A server?

--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"MrOrange" <(E-Mail Removed)> wrote in message
news:153C75C5-9F46-4362-8925-(E-Mail Removed)...
> Hi there,
>
> I have already posted in the Windows XP forum - tbh - i think that was
> incorrect for my issue - thanks to Robert L. (MS-MVP) for his
> suggestions,
> however i feel posting in the right forum/discussion group can only aid my
> cause in end to resolve my issue if possible.
>
> In a nutshell, i have two sites linked via a vpn
>
> Site A Server:
>
> Two Nic's:
>
> One nic is plugged into the router with an address of
>
> 192.168.15.2
> 255.255.255.0
> 192.168.15.254 (gw)
>
> The other nic is plugged into the local network and has the following
> address
>
> 192.168.16.1
> 255.255.255.0
> (No gateway set)
>
>
> Site B Server
>
> One nic plugged into the switch (router plugged into switch)
>
> 192.168.44.8
> 255.255.255.0
> 192.168.44.29 (gw)
>
>
> Now i can sit at site B and open a rdp connection to Site A's server
> (192.168.15.2)
>
> If i try from site B to access via rdp again, only this time going for
> site
> A's other nic's address 192.168.16.1 - it fails.
>
> If i rdp onto site A's 192.168.15.2 - then from within the sessions
> desktop
> i open the following:
>
> Start \ Run
>
> \\192.168.16.1
>
> ..........it opens it own network shares - which is expected
>
> if i repeat the process, entering the other nic address of \\192.168.15.2
> it
> fails - (could not open network share msg)
>
> If i repeat the process, only entering the address of site A's server,
> \\192.168.44.8 - it opens it - after authentication.
>
> Going in the other direction, rdp to Site B, then trying to reach
> \\192.168.16.1 - fails
>
> trying to reach \\192.168.15.2 displays an authentication requestor -
> which
> i cannot seem to get past - all authentication attempts just seem to
> fail/ignore.
>
>
>
> It sounds far down the line, but my end goal is to allow Citrix users to
> print on their local printers.
>
> Citrix is hosted at site B and the clients and their printers are hosted
> at
> site A - i cannot install the printers into Citrix as i cannot reach
> them...
>
> i feel that this all can be fixed with the addition to site A's routing
> table, but my brain turns to fudge when i try to think about it...
>
>
> Any help would be gratefully appreciated...
>
>

Yes - site A is a Dc -

As for the VPN Its a 3rd party managed VPN service using Nortel routers..

I havent enabled ip routing - i just assumed it was on already - do i need
it? where do i switch it on? Sorry for sounding like a noob, your help is
greatly appreciated!!



"Robert L. (MS-MVP)" wrote:

> Is the Site A server DC? Do you setup Windows VPN or 3rd party VPN? Have you
> enabled the IP routing on A server?
>
> --
> Bob Lin, MS-MVP, MCSE & CNE
> Networking, Internet, Routing, VPN Troubleshooting on
> http://www.ChicagoTech.net
> How to Setup Windows, Network, VPN & Remote Access on
> http://www.HowToNetworking.com
> "MrOrange" <(E-Mail Removed)> wrote in message
> news:153C75C5-9F46-4362-8925-(E-Mail Removed)...
> > Hi there,
> >
> > I have already posted in the Windows XP forum - tbh - i think that was
> > incorrect for my issue - thanks to Robert L. (MS-MVP) for his
> > suggestions,
> > however i feel posting in the right forum/discussion group can only aid my
> > cause in end to resolve my issue if possible.
> >
> > In a nutshell, i have two sites linked via a vpn
> >
> > Site A Server:
> >
> > Two Nic's:
> >
> > One nic is plugged into the router with an address of
> >
> > 192.168.15.2
> > 255.255.255.0
> > 192.168.15.254 (gw)
> >
> > The other nic is plugged into the local network and has the following
> > address
> >
> > 192.168.16.1
> > 255.255.255.0
> > (No gateway set)
> >
> >
> > Site B Server
> >
> > One nic plugged into the switch (router plugged into switch)
> >
> > 192.168.44.8
> > 255.255.255.0
> > 192.168.44.29 (gw)
> >
> >
> > Now i can sit at site B and open a rdp connection to Site A's server
> > (192.168.15.2)
> >
> > If i try from site B to access via rdp again, only this time going for
> > site
> > A's other nic's address 192.168.16.1 - it fails.
> >
> > If i rdp onto site A's 192.168.15.2 - then from within the sessions
> > desktop
> > i open the following:
> >
> > Start \ Run
> >
> > \\192.168.16.1
> >
> > ..........it opens it own network shares - which is expected
> >
> > if i repeat the process, entering the other nic address of \\192.168.15.2
> > it
> > fails - (could not open network share msg)
> >
> > If i repeat the process, only entering the address of site A's server,
> > \\192.168.44.8 - it opens it - after authentication.
> >
> > Going in the other direction, rdp to Site B, then trying to reach
> > \\192.168.16.1 - fails
> >
> > trying to reach \\192.168.15.2 displays an authentication requestor -
> > which
> > i cannot seem to get past - all authentication attempts just seem to
> > fail/ignore.
> >
> >
> >
> > It sounds far down the line, but my end goal is to allow Citrix users to
> > print on their local printers.
> >
> > Citrix is hosted at site B and the clients and their printers are hosted
> > at
> > site A - i cannot install the printers into Citrix as i cannot reach
> > them...
> >
> > i feel that this all can be fixed with the addition to site A's routing
> > table, but my brain turns to fudge when i try to think about it...
> >
> >
> > Any help would be gratefully appreciated...
> >
> >
>
>

1. It is not recommended to run a DC on a multihomed computer. If you do,
you may have a name resolution or routing issue. This search result may
help..
Name resolution on VPN
Can't ping VPN client by name Connection issues on DC, ISA, DNS and
WINS server as VPN server DNS and Split Tunneling for VPN? How to assign DNS
and WINS on ...
www.chicagotech.net/nameresolutionpnvpn.htm

2. Since you are using 3rd party VPN, you need not only enable IP
routing on the windows server but also Nortel router needs to have a route
point to 192.168.16.0/24. The following how to may help.
Routing how to
How to disable ip routing/forwarding on a W2K Pro? ... For
example, the Generic Routing Encapsulation (GRE) IP protocol (protocol
number 47) is added to the ...
www.howtonetworking.com/Networking/routing.htm - Similar pages

ipconfig
To enable IP routing on W2K/XP, go to the properties of the
connection>TCP/IP>Advanced>Options>IP Filtering, check Enable IP Filtering.
....
www.howtonetworking.com/Networking/ipconfig.htm




--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"MrOrange" <(E-Mail Removed)> wrote in message
news:4F01A0CF-2B7A-4910-BB85-(E-Mail Removed)...
> Yes - site A is a Dc -
>
> As for the VPN Its a 3rd party managed VPN service using Nortel routers..
>
> I havent enabled ip routing - i just assumed it was on already - do i need
> it? where do i switch it on? Sorry for sounding like a noob, your help is
> greatly appreciated!!
>
>
>
> "Robert L. (MS-MVP)" wrote:
>
>> Is the Site A server DC? Do you setup Windows VPN or 3rd party VPN? Have
>> you
>> enabled the IP routing on A server?
>>
>> --
>> Bob Lin, MS-MVP, MCSE & CNE
>> Networking, Internet, Routing, VPN Troubleshooting on
>> http://www.ChicagoTech.net
>> How to Setup Windows, Network, VPN & Remote Access on
>> http://www.HowToNetworking.com
>> "MrOrange" <(E-Mail Removed)> wrote in message
>> news:153C75C5-9F46-4362-8925-(E-Mail Removed)...
>> > Hi there,
>> >
>> > I have already posted in the Windows XP forum - tbh - i think that was
>> > incorrect for my issue - thanks to Robert L. (MS-MVP) for his
>> > suggestions,
>> > however i feel posting in the right forum/discussion group can only aid
>> > my
>> > cause in end to resolve my issue if possible.
>> >
>> > In a nutshell, i have two sites linked via a vpn
>> >
>> > Site A Server:
>> >
>> > Two Nic's:
>> >
>> > One nic is plugged into the router with an address of
>> >
>> > 192.168.15.2
>> > 255.255.255.0
>> > 192.168.15.254 (gw)
>> >
>> > The other nic is plugged into the local network and has the following
>> > address
>> >
>> > 192.168.16.1
>> > 255.255.255.0
>> > (No gateway set)
>> >
>> >
>> > Site B Server
>> >
>> > One nic plugged into the switch (router plugged into switch)
>> >
>> > 192.168.44.8
>> > 255.255.255.0
>> > 192.168.44.29 (gw)
>> >
>> >
>> > Now i can sit at site B and open a rdp connection to Site A's server
>> > (192.168.15.2)
>> >
>> > If i try from site B to access via rdp again, only this time going for
>> > site
>> > A's other nic's address 192.168.16.1 - it fails.
>> >
>> > If i rdp onto site A's 192.168.15.2 - then from within the sessions
>> > desktop
>> > i open the following:
>> >
>> > Start \ Run
>> >
>> > \\192.168.16.1
>> >
>> > ..........it opens it own network shares - which is expected
>> >
>> > if i repeat the process, entering the other nic address of
>> > \\192.168.15.2
>> > it
>> > fails - (could not open network share msg)
>> >
>> > If i repeat the process, only entering the address of site A's server,
>> > \\192.168.44.8 - it opens it - after authentication.
>> >
>> > Going in the other direction, rdp to Site B, then trying to reach
>> > \\192.168.16.1 - fails
>> >
>> > trying to reach \\192.168.15.2 displays an authentication requestor -
>> > which
>> > i cannot seem to get past - all authentication attempts just seem to
>> > fail/ignore.
>> >
>> >
>> >
>> > It sounds far down the line, but my end goal is to allow Citrix users
>> > to
>> > print on their local printers.
>> >
>> > Citrix is hosted at site B and the clients and their printers are
>> > hosted
>> > at
>> > site A - i cannot install the printers into Citrix as i cannot reach
>> > them...
>> >
>> > i feel that this all can be fixed with the addition to site A's routing
>> > table, but my brain turns to fudge when i try to think about it...
>> >
>> >
>> > Any help would be gratefully appreciated...
>> >
>> >
>>
>>

Hi Robert,

Thanks for your suggestions - im not so bothered about dns at the moment, if
i could only reach the network would be a start via ip - i cant ping it at
all... which makes me think that what you said :

"Since you are using 3rd party VPN, you need not only enable IP
routing on the windows server but also Nortel router needs to have a route
point to 192.168.16.0/24."

...will nail the issue - im going to have a word with our VPN hosts, i will
post back the outcome.

"Robert L. (MS-MVP)" wrote:

> 1. It is not recommended to run a DC on a multihomed computer. If you do,
> you may have a name resolution or routing issue. This search result may
> help..
> Name resolution on VPN
> Can't ping VPN client by name Connection issues on DC, ISA, DNS and
> WINS server as VPN server DNS and Split Tunneling for VPN? How to assign DNS
> and WINS on ...
> www.chicagotech.net/nameresolutionpnvpn.htm
>
> 2. Since you are using 3rd party VPN, you need not only enable IP
> routing on the windows server but also Nortel router needs to have a route
> point to 192.168.16.0/24. The following how to may help.
> Routing how to
> How to disable ip routing/forwarding on a W2K Pro? ... For
> example, the Generic Routing Encapsulation (GRE) IP protocol (protocol
> number 47) is added to the ...
> www.howtonetworking.com/Networking/routing.htm - Similar pages
>
> ipconfig
> To enable IP routing on W2K/XP, go to the properties of the
> connection>TCP/IP>Advanced>Options>IP Filtering, check Enable IP Filtering.
> ....
> www.howtonetworking.com/Networking/ipconfig.htm
>
>
>
>
> --
> Bob Lin, MS-MVP, MCSE & CNE
> Networking, Internet, Routing, VPN Troubleshooting on
> http://www.ChicagoTech.net
> How to Setup Windows, Network, VPN & Remote Access on
> http://www.HowToNetworking.com
> "MrOrange" <(E-Mail Removed)> wrote in message
> news:4F01A0CF-2B7A-4910-BB85-(E-Mail Removed)...
> > Yes - site A is a Dc -
> >
> > As for the VPN Its a 3rd party managed VPN service using Nortel routers..
> >
> > I havent enabled ip routing - i just assumed it was on already - do i need
> > it? where do i switch it on? Sorry for sounding like a noob, your help is
> > greatly appreciated!!
> >
> >
> >
> > "Robert L. (MS-MVP)" wrote:
> >
> >> Is the Site A server DC? Do you setup Windows VPN or 3rd party VPN? Have
> >> you
> >> enabled the IP routing on A server?
> >>
> >> --
> >> Bob Lin, MS-MVP, MCSE & CNE
> >> Networking, Internet, Routing, VPN Troubleshooting on
> >> http://www.ChicagoTech.net
> >> How to Setup Windows, Network, VPN & Remote Access on
> >> http://www.HowToNetworking.com
> >> "MrOrange" <(E-Mail Removed)> wrote in message
> >> news:153C75C5-9F46-4362-8925-(E-Mail Removed)...
> >> > Hi there,
> >> >
> >> > I have already posted in the Windows XP forum - tbh - i think that was
> >> > incorrect for my issue - thanks to Robert L. (MS-MVP) for his
> >> > suggestions,
> >> > however i feel posting in the right forum/discussion group can only aid
> >> > my
> >> > cause in end to resolve my issue if possible.
> >> >
> >> > In a nutshell, i have two sites linked via a vpn
> >> >
> >> > Site A Server:
> >> >
> >> > Two Nic's:
> >> >
> >> > One nic is plugged into the router with an address of
> >> >
> >> > 192.168.15.2
> >> > 255.255.255.0
> >> > 192.168.15.254 (gw)
> >> >
> >> > The other nic is plugged into the local network and has the following
> >> > address
> >> >
> >> > 192.168.16.1
> >> > 255.255.255.0
> >> > (No gateway set)
> >> >
> >> >
> >> > Site B Server
> >> >
> >> > One nic plugged into the switch (router plugged into switch)
> >> >
> >> > 192.168.44.8
> >> > 255.255.255.0
> >> > 192.168.44.29 (gw)
> >> >
> >> >
> >> > Now i can sit at site B and open a rdp connection to Site A's server
> >> > (192.168.15.2)
> >> >
> >> > If i try from site B to access via rdp again, only this time going for
> >> > site
> >> > A's other nic's address 192.168.16.1 - it fails.
> >> >
> >> > If i rdp onto site A's 192.168.15.2 - then from within the sessions
> >> > desktop
> >> > i open the following:
> >> >
> >> > Start \ Run
> >> >
> >> > \\192.168.16.1
> >> >
> >> > ..........it opens it own network shares - which is expected
> >> >
> >> > if i repeat the process, entering the other nic address of
> >> > \\192.168.15.2
> >> > it
> >> > fails - (could not open network share msg)
> >> >
> >> > If i repeat the process, only entering the address of site A's server,
> >> > \\192.168.44.8 - it opens it - after authentication.
> >> >
> >> > Going in the other direction, rdp to Site B, then trying to reach
> >> > \\192.168.16.1 - fails
> >> >
> >> > trying to reach \\192.168.15.2 displays an authentication requestor -
> >> > which
> >> > i cannot seem to get past - all authentication attempts just seem to
> >> > fail/ignore.
> >> >
> >> >
> >> >
> >> > It sounds far down the line, but my end goal is to allow Citrix users
> >> > to
> >> > print on their local printers.
> >> >
> >> > Citrix is hosted at site B and the clients and their printers are
> >> > hosted
> >> > at
> >> > site A - i cannot install the printers into Citrix as i cannot reach
> >> > them...
> >> >
> >> > i feel that this all can be fixed with the addition to site A's routing
> >> > table, but my brain turns to fudge when i try to think about it...
> >> >
> >> >
> >> > Any help would be gratefully appreciated...
> >> >
> >> >
> >>
> >>
>
>

For anyone interested - the answer ended up being quite simple - i just redid
the network topology to suit single nic setup - lol then there was no issue
routing the traffic between the two nics

thanks again for your suggestions Robert

Kind Regards

Mr Orange


"MrOrange" wrote:

> Hi there,
>
> I have already posted in the Windows XP forum - tbh - i think that was
> incorrect for my issue - thanks to Robert L. (MS-MVP) for his suggestions,
> however i feel posting in the right forum/discussion group can only aid my
> cause in end to resolve my issue if possible.
>
> In a nutshell, i have two sites linked via a vpn
>
> Site A Server:
>
> Two Nic's:
>
> One nic is plugged into the router with an address of
>
> 192.168.15.2
> 255.255.255.0
> 192.168.15.254 (gw)
>
> The other nic is plugged into the local network and has the following address
>
> 192.168.16.1
> 255.255.255.0
> (No gateway set)
>
>
> Site B Server
>
> One nic plugged into the switch (router plugged into switch)
>
> 192.168.44.8
> 255.255.255.0
> 192.168.44.29 (gw)
>
>
> Now i can sit at site B and open a rdp connection to Site A's server
> (192.168.15.2)
>
> If i try from site B to access via rdp again, only this time going for site
> A's other nic's address 192.168.16.1 - it fails.
>
> If i rdp onto site A's 192.168.15.2 - then from within the sessions desktop
> i open the following:
>
> Start \ Run
>
> \\192.168.16.1
>
> ..........it opens it own network shares - which is expected
>
> if i repeat the process, entering the other nic address of \\192.168.15.2 it
> fails - (could not open network share msg)
>
> If i repeat the process, only entering the address of site A's server,
> \\192.168.44.8 - it opens it - after authentication.
>
> Going in the other direction, rdp to Site B, then trying to reach
> \\192.168.16.1 - fails
>
> trying to reach \\192.168.15.2 displays an authentication requestor - which
> i cannot seem to get past - all authentication attempts just seem to
> fail/ignore.
>
>
>
> It sounds far down the line, but my end goal is to allow Citrix users to
> print on their local printers.
>
> Citrix is hosted at site B and the clients and their printers are hosted at
> site A - i cannot install the printers into Citrix as i cannot reach them...
>
> i feel that this all can be fixed with the addition to site A's routing
> table, but my brain turns to fudge when i try to think about it...
>
>
> Any help would be gratefully appreciated...
>
>