GuinnesxMemberDecember 1, 2006 at 5:38 am #118389
We only have a small office lan using a cisco pix 501 firewall for vpn behind the router, the physical setup of the 501 is the external interface with public static address and the internal interface is connected to the lan switch, vpn connections are forwarded to the windows 2003 server running Routing/remote access server. When a vpn client using the cisco vpn client utility connects they can connect to the server and the shares, the problem is that other servers on the lan had the rar service installed previously and clients on vpn cannot connect folders on them unless the routing and remote access service is running on that particular server which does not seem correct to have to have it running on all servers that vpn clients need to connect to ?, is this because the 501 is connected to a switch opposed to directly to the main routing and remote access server ?, any help would be greatly appreciated
thanks for taking the time to read my question
theterranautMemberDecember 5, 2006 at 10:14 am #285852
Re: Cisco 501 network setup
Sounds like the RRAS server is restricting access to the other servers, for some reason.
I haven’t really a clue about this thing. (FWIW, I would have just used IAS, and authenticated to AD from this via my vpn- but there you go.)
Is there an obvious place in RRAS where you can restrict the resources a user is allowed to connect to? Is there a way you can sort of expand this and allow a connection to further resources? Sorry, guessing here.
Actually- it seems very odd that adding RRAS solves this problem. What does AD say about how many RRAS servers there are out there?
Sorry I cant be more help-
You must be logged in to reply to this topic.