Can't access certain network resources w/ Cisco VPN

[reveille_83]

Gurus,

We just recently upgraded to a new Cisco router. Prior to the Cisco router we had a cheap router / switch setup with a server running SBS 2003. We had a few "road warriors" They would use the standard windows VPN dialup connection. They would access some shared drives and Companyweb.
After installing the new router things seem to be working a little better minus a few quirks we are discovering. We have a user who is unable to access http://companyweb while dialed in using the Cisco VPN client.
We have a Cisco 2811 router. Bare with me as my knowledge is very low with this new equipment. I was just looking for some guidance, I'm interested in figuring out things for my self, but this is kind of a big deal and I'm at a loss.

Thanks

 

[Gambrinus]

Can this user ping "companyweb" by IP address? If so, check his DNS settings and make sure he's getting the correct settings from the VPN server.

 

[reveille_83]

He is able to ping companyweb.

What are the DNS settings suppose to be? Our server or our router?

 

[reveille_83]

DNS Servers ..... x.x.1.2
WINS Server ..... x.x.1.2

This IP is our SBS 2003 server.

 

[reveille_83]

What about permissions? He was able to access the companyweb prior. But now he is connected via Cisco VPN does this mess with the permissions?

 

[reveille_83]

Note: the VPN server gives out a different set of IPs.

The ip address of his laptop is x.x.5.9

 

[Sharaz Jek]

on our cisco vpn, the dns settings should be set to the internal dns server.

can you user ping the dns name, or can ping just the ip address? if dns no, but ip yes, then can he http://ipaddress of company web and see?

if no, then check the laptop for firewall issues or other software related stuff. he might have installed zonealarm or some other BS and it doesnt like the other network, and it thinks its being attacked. if this or other related BS is installed, have him turn it all off, and retest.

 

[reveille_83]

We can ping companyweb and x.x.1.2.

I tried http://x.x.1.2 and it says page can not be displayed.

I turned off the firewall via services.msc and still not able to view companyweb.

I have confirmed companyweb works by remoting into the server via RDC and going to http://companyweb

 

[MorfiusX]

Check in IIS that the virtual server is allowed to be accessed from a different subnet other than the one the server resides on. By default, it can only be accessed from the internal network. Your new subnet that VPN clients are connected on isn't part of the internal subnet according to IIS. But, don't change anything in IIS. Use the Wizard is server management in order to grant access to the sites via the new subnet.

 

[reveille_83]

Morf,

Where in IIS can i confirm this? And which wizard do I run to allow another subnet?

 

[reveille_83]

still need help