I have a Windows 2003 SBS box. It has 2 physical NIC's: WAN and LAN. The WAN is a public IP. The LAN is a simple 192.168.2.x subnet with Microsoft DHCP Server. Microsoft Routing and Remote Access Service is used to provide NAT to LAN. The box also runs VMware Server with a virtual machine running Windows XP. I want people to be able to VPN into the box, and connect to these virtual machines on the MSRDP port. I can VPN (PPTP) into the 2003 SBS box fine, as well as ping other machines on the LAN.
- I can ping the VM from a physical workstation on the LAN and vice-versa.
- I can ping the VPN client from the a physical workstation on the LAN and vice-versa.
- I can ping the Server from the VPN client
- EDIT: I cannot ping the VPN client from the Server!
- I can ping the VM client from the Server console and vice-versa.
- But I cannot ping the VPN client from the VM and vice-versa.
I was hoping to set up 2 or 3 Windows XP virtual machines on our only server, so that a couple of people can VPN then RDP in to work without having to leave a physical machine on in the office. You could this attempted set up a "poor mans terminal server".
On the 2003 SBS Server:-
C:\Documents and Settings\Administrator>route print
IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 50 56 c0 00 08 ...... VMware Virtual Ethernet Adapter for VMnet8
0x3 ...00 50 56 c0 00 01 ...... VMware Virtual Ethernet Adapter for VMnet1
0x10004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
0x10005 ...00 11 43 d4 69 13 ...... Broadcom NetXtreme Gigabit Ethernet
0x10006 ...00 11 43 d4 69 14 ...... Broadcom NetXtreme Gigabit Ethernet #2
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 81.123.144.22 81.123.144.21 1
81.123.144.20 255.255.255.252 81.123.144.21 81.123.144.21 1
81.123.144.21 255.255.255.255 127.0.0.1 127.0.0.1 1
81.255.255.255 255.255.255.255 81.123.144.21 81.123.144.21 1
86.135.78.235 255.255.255.255 81.123.144.22 81.123.144.21 1
109.152.62.236 255.255.255.255 81.123.144.22 81.123.144.21 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.2.0 255.255.255.0 192.168.2.3 192.168.2.3 1
192.168.2.3 255.255.255.255 127.0.0.1 127.0.0.1 1
192.168.2.26 255.255.255.255 192.168.2.32 192.168.2.32 1
192.168.2.28 255.255.255.255 192.168.2.32 192.168.2.32 1
192.168.2.32 255.255.255.255 127.0.0.1 127.0.0.1 50
192.168.2.50 255.255.255.255 127.0.0.1 127.0.0.1 1
192.168.2.255 255.255.255.255 192.168.2.3 192.168.2.3 1
192.168.10.0 255.255.255.0 192.168.10.1 192.168.10.1 20
192.168.10.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.10.255 255.255.255.255 192.168.10.1 192.168.10.1 20
192.168.96.0 255.255.255.0 192.168.96.1 192.168.96.1 20
192.168.96.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.96.255 255.255.255.255 192.168.96.1 192.168.96.1 20
224.0.0.0 240.0.0.0 81.123.144.21 81.123.144.21 1
224.0.0.0 240.0.0.0 192.168.2.3 192.168.2.3 1
224.0.0.0 240.0.0.0 192.168.10.1 192.168.10.1 20
224.0.0.0 240.0.0.0 192.168.96.1 192.168.96.1 20
255.255.255.255 255.255.255.255 81.123.144.21 81.123.144.21 1
255.255.255.255 255.255.255.255 192.168.2.3 192.168.2.3 1
255.255.255.255 255.255.255.255 192.168.10.1 192.168.10.1 1
255.255.255.255 255.255.255.255 192.168.96.1 192.168.96.1 1
Default Gateway: 81.123.144.22
===========================================================================
Persistent Routes:
None
C:\Documents and Settings\Administrator>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : 2003server
Primary Dns Suffix . . . . . . . : mycompany.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : mycompany.local
gateway.2wire.net
Ethernet adapter VMware Network Adapter VMnet8:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet
8
Physical Address. . . . . . . . . : 00-50-56-C0-00-08
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.10.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
Ethernet adapter VMware Network Adapter VMnet1:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet
1
Physical Address. . . . . . . . . : 00-50-56-C0-00-01
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.96.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
PPP adapter RAS Server (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.2.32
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter LAN:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-11-43-D4-69-13
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.2.50
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 192.168.2.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.2.3
Primary WINS Server . . . . . . . : 192.168.2.3
Ethernet adapter WAN:
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet #2
Physical Address. . . . . . . . . : 00-11-43-D4-69-14
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 81.123.144.21
Subnet Mask . . . . . . . . . . . : 255.255.255.252
Default Gateway . . . . . . . . . : 81.123.144.22
DHCP Server . . . . . . . . . . . : 10.0.0.1
DNS Servers . . . . . . . . . . . : 10.0.0.1
Primary WINS Server . . . . . . . : 192.168.2.3
NetBIOS over Tcpip. . . . . . . . : Disabled
Lease Obtained. . . . . . . . . . : 25 February 2011 22:56:59
Lease Expires . . . . . . . . . . : 25 February 2011 23:06:59
C:\Documents and Settings\Administrator>ping 192.168.2.11
Pinging 192.168.2.11 with 32 bytes of data:
Reply from 192.168.2.11: bytes=32 time<1ms TTL=128
Reply from 192.168.2.11: bytes=32 time<1ms TTL=128
Reply from 192.168.2.11: bytes=32 time<1ms TTL=128
Reply from 192.168.2.11: bytes=32 time<1ms TTL=128
On the VPN client:-
C:\>tracert 192.168.2.3 ## THIS IS THE SBS SERVER
Tracing route to 2003server.mycompany.local [192.168.2.3]
over a maximum of 30 hops:
1 59 ms 58 ms 61 ms 2003server.mycompany.local [192.168.2.3]
Trace complete.
C:\>tracert 192.168.2.14 ## THIS IS A PHYSICAL LAN COMPUTER
Tracing route to ws2001.mycompany.local [192.168.2.14]
over a maximum of 30 hops:
1 57 ms 57 ms 56 ms 192.168.2.32
2 64 ms 63 ms 59 ms ws2001.mycompany.local [192.168.2.14]
Trace complete.
C:\>tracert 192.168.2.11 ## THIS IS THE VM
Tracing route to ws2009.mycompany.local [192.168.2.11]
over a maximum of 30 hops:
1 69 ms 58 ms 56 ms 192.168.2.32
2 * * * Request timed out.
3 * * * Request timed out.
(the rest is omitted, all timeouts)
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 5.0.0.1 5.131.104.16 9256
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.104 25
5.0.0.0 255.0.0.0 On-link 5.131.104.16 9256
5.131.104.16 255.255.255.255 On-link 5.131.104.16 9256
5.255.255.255 255.255.255.255 On-link 5.131.104.16 9256
81.149.144.21 255.255.255.255 192.168.2.1 192.168.2.104 26
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.104 281
192.168.2.0 255.255.255.0 192.168.2.32 192.168.2.23 26
192.168.2.23 255.255.255.255 On-link 192.168.2.23 281
192.168.2.104 255.255.255.255 On-link 192.168.2.104 281
192.168.2.255 255.255.255.255 On-link 192.168.2.104 281
192.168.56.0 255.255.255.0 On-link 192.168.56.1 276
192.168.56.1 255.255.255.255 On-link 192.168.56.1 276
192.168.56.255 255.255.255.255 On-link 192.168.56.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.56.1 276
224.0.0.0 240.0.0.0 On-link 5.131.104.16 9256
224.0.0.0 240.0.0.0 On-link 192.168.2.104 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.56.1 276
255.255.255.255 255.255.255.255 On-link 5.131.104.16 9256
255.255.255.255 255.255.255.255 On-link 192.168.2.104 281
255.255.255.255 255.255.255.255 On-link 192.168.2.23 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 5.0.0.1 Default
===========================================================================
On the VM:-
C:\Documents and Settings\Administrator>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 0c 29 dc a2 c1 ...... VMware Accelerated AMD PCNet Adapter
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.3 192.168.2.11 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.2.0 255.255.255.0 192.168.2.11 192.168.2.11 10
192.168.2.11 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.2.255 255.255.255.255 192.168.2.11 192.168.2.11 10
224.0.0.0 240.0.0.0 192.168.2.11 192.168.2.11 10
255.255.255.255 255.255.255.255 192.168.2.11 192.168.2.11 1
Default Gateway: 192.168.2.3
===========================================================================
Persistent Routes:
None
C:\Documents and Settings\Administrator>tracert 192.168.2.23
Tracing route to 192.168.2.23 over a maximum of 30 hops
1 * * * Request timed out.
2 * ^C
C:\Documents and Settings\Administrator>tracert 192.168.2.3
Tracing route to 2003server.mycompany.local [192.168.2.3]
over a maximum of 30 hops:
1 1 ms <1 ms <1 ms 2003server.mycompany.local [192.168.2.3]
Trace complete.
C:\Documents and Settings\Administrator>tracert 192.168.2.14
Tracing route to ws2001.mycompany.local [192.168.2.14]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms ws2001.mycompany.local [192.168.2.14]
Trace complete.
C:\Documents and Settings\Administrator>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : vm1
Primary Dns Suffix . . . . . . . : MyCompany.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : MyCompany.local
mycompany.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : mycompany.local
Description . . . . . . . . . . . : VMware Accelerated AMD PCNet Adapter
Physical Address. . . . . . . . . : 00-0C-29-DC-A2-C1
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.11
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.3
DHCP Server . . . . . . . . . . . : 192.168.2.3
DNS Servers . . . . . . . . . . . : 192.168.2.3
Primary WINS Server . . . . . . . : 192.168.2.3
Lease Obtained. . . . . . . . . . : 25 February 2011 22:23:31
Lease Expires . . . . . . . . . . : 05 March 2011 22:23:31
In this configuration its generally best to make sure your vm's are using bridged ethernet connections with the LAN interface, this way they should basically act like LAN client workstations.
Also worth ruling out, the subnets of either your vpn or vm's arent the same as your local IP at the remote end of the vpn? If so you may have some routing issues
It sounds like you probably don't have your VM's patched in with the right kind of networking. Did you use a bridge device or a nat device? Did you append the to wan or lan interface on the host? Did you setup port forwarding right? If you give a few more implementation details I think we're more likly to be able to find which bit of wiring is missing.
Have a read of this. If it doesnt help, it will explain the vm networking setup.
http://communities.vmware.com/thread/83874
May point you in a new direction with hopefully a successful outcome
Can you run a tracert from the VPN client to the virtual host? and vice-versus. What is the outcome?