VPN from Workgroup Computer to Domain, no shared resources visible

I have a Windows 2003 server running on the internet and accepting a RAS connection via VPN.
However I can see none of the shared resources on the domain/server from the VPN client.

My laptop machine runs XP Pro and I have set up a VPN connection on it.
However, the client is not a member of the Domain the server is in. It is a member of a workgroup (which I have given the same name as the domain).

The client can connect to the server over the internet quite happily.
I am challenged for Username, password and Domain and these are accepted.
The username/password on the workgroup laptop matches my account on the domain.

The internal IP range on the domain LAN is 192.168.16.x
The VPN gets issued a dynamic address in the domain's subnet and also is issued the same address (i.e. the client's address) as the gateway.

Browsing on the XP Pro workgroup client does not show any of the machines or shares on the Domain. Trying to open (via Start->Run) the server IP address fails. Trying to open the server share by name in Explorer fails.

I can ping the internal (domain) IP address of the server and of a wirelss access point that is sitting on the domain LAN. So IP is getting routed properly by the looks of it.

Can anybody suggest why I can do all this, but not see the server, nor connect to it by IP address or name?

Thanks for any help!

 

I've not used VPN on Windows 2003, however, on Windows 2000 the default behaviour is for the VPN client to only be able to access the VPN server. You have to enable access to the rest of the network via the VPN server connection properties. I expect the system on a 2003 server is similiar as it make sense from a security outlook, to restrict access by default.

Another thing to check is that you have the 2003 server set up as you're main DNS server whilst you are connected by VPN. Connections to active directory servers can become very difficult if you have not done this.

And lastly, your VPN connection is effectly a second network connected to the server. Both client and server may well have VPN addresses. The "internal" address of the server may be seen as external to the VPN network, and therefore inaccessible if you haven't network access enabled. Try connecting and then doing an IPCONFIG /ALL. The VPN connection will show up in the output. The server's VPN address will show as the default gateway for your VPN connection. Try using this address to connect to the server.

 

Thanks Reggie

This is Small Business Server, so the PDC, WINS, DNS, DHCP and RAS server are all the same box.

DNS server is already specifically set in my VPN connection.

Default Gateway was, as I say, being set by the DHCP to be the same as the client, which I didn't like, so I removed that and gave it the SBS server address.

I also found that in the RAS Policies there was a policy for access to "other servers ". This denied access to anything that had access 24x7. So I changed taht to Grant Access.

Finally, I decided to join the laptop to the domain and just log on locally when away from the ofice.

Result of all this was success!

The only thing taht doesn't work now is that POP3 Server to my Outlook client will send but not receive. I don't see that can be ta result as any of the VPN changes, so it must be coincidental.

Nick