Koozali.org: home of the SME Server

Obsolete Releases => SME Server 7.x => Topic started by: PatchPanel on February 17, 2010, 01:49:18 PM

Title: Can't Remote Access SME-Server via IPSec-VPN
Post by: PatchPanel on February 17, 2010, 01:49:18 PM

I am trying to reach my 7.4 SME-Server (Server only mode) over an IPSec-VPN.

My router (Funkwerk TR200bw) is the tunnel endpoint. No problem to establish the tunnel and also access another Windows-PC in the LAN (http, drives; with IP-address or name resolution).
My router is the DNS, WINS is handled by SME. No proxies running.

I am able to access the server using SSH (via the IPSec tunnel), SSH setting is 'allow only local access'.

I also added the network of the remote PC to the 'local networks' in SME-Server and to the Remote-Management networks.
No error messages in the router log which could help guide me in the right direction (or any).

Obviously I am missing something but I have no more idea of what.
I thought my remote PC is seen like a member of the LAN from SME-Servers point of view ?!
So I do not have to open ports/change any settings and the like.

Any help is highly appreciated.

Thanks and
kind regards
PatchPanel

Title: Re: Can't Remote Access SME-Server via IPSec-VPN
Post by: paradigm on February 17, 2010, 10:14:44 PM

Please do a tracert with the ip address of the remote sme server  and let as have a look.

Title: Re: Can't Remote Access SME-Server via IPSec-VPN
Post by: CharlieBrady on February 18, 2010, 12:24:50 AM

Quote from: PatchPanel on February 17, 2010, 01:49:18 PM

I am able to access the server using SSH (via the IPSec tunnel),

You say in the Subject that you can't access the server. Here you say that you can. What are you actually trying to do which doesn't work?

Title: Re: Can't Remote Access SME-Server via IPSec-VPN
Post by: PatchPanel on February 18, 2010, 12:48:00 AM

Hello paradigm

Quote

Please do a tracert with the ip address of the remote sme server  and let as have a look.

SME-Server (sorry, it is german language)

Code: [Select]

C:\>tracert 192.168.100.2

Routenverfolgung zu SERVER02.QUETTINGEN [192.168.100.2]  über maximal 30 Abschni
tte:

  1   155 ms   139 ms   219 ms  192.168.100.254
  2     *        *        *     Zeitüberschreitung der Anforderung. (means timeout)
  3     *        *        *     Zeitüberschreitung der Anforderung.
  4  ^C
The windows box:

Code: [Select]

C:\>tracert 192.168.100.1

Routenverfolgung zu server01.Quettingen [192.168.100.1]  über maximal 30 Abschni
tte:

  1   121 ms   158 ms   159 ms  192.168.100.254
  2   146 ms   159 ms   159 ms  server01.Quettingen [192.168.100.1]

Ablaufverfolgung beendet.
@CharlieBrady

Quote

You say in the Subject that you can't access the server. Here you say that you can. What are you actually trying to do which doesn't work?

ping, ibays, http, server-manager,
everything should work as sitting next to the SME machine, right ?

SME-Server in LAN

Code: [Select]

C:\>ping 192.168.100.2

Ping wird ausgeführt für 192.168.100.2 mit 32 Bytes Daten:

Antwort von 192.168.100.2: Bytes=32 Zeit=1ms TTL=64
Antwort von 192.168.100.2: Bytes=32 Zeit=2ms TTL=64
Antwort von 192.168.100.2: Bytes=32 Zeit=1ms TTL=64
Antwort von 192.168.100.2: Bytes=32 Zeit=1ms TTL=64

Ping-Statistik für 192.168.100.2:
    Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0 (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 1ms, Maximum = 2ms, Mittelwert = 1ms

regards
PatchPanel