Microsoft KB Archive/218058

= SBS RAS Clients Cannot Gain Access to the Entire Network =

Article ID: 218058

Article Last Modified on 11/19/2003

-

APPLIES TO


 * Microsoft BackOffice Small Business Server 4.0
 * Microsoft BackOffice Small Business Server 4.0a
 * Microsoft BackOffice Small Business Server 4.5

-



This article was previously published under Q218058



SYMPTOMS
If you configure your BackOffice Small Business Server (SBS) computer to use Remote Access Service (RAS), clients cannot gain access to the entire network.



CAUSE
This behavior occurs because RAS configuration settings by default allow clients to gain access only to the server.

The default settings disable Internet Protocol (IP) forwarding on the SBS computer. Because an SBS computer is also typically a Proxy server, IP forwarding is disabled for security considerations.

For additional information, please see the following article in the Microsoft Knowledge Base:

164882 Practical Recommendations for Securing Internet-Connections



RESOLUTION
To resolve this problem:

NOTE: Before proceeding to Part One, perform the following steps. For modem-based RAS clients, perform steps A and B, and for VPN-based clients, perform steps A-C.  IP forwarding must be enabled. Access entire network must be enabled. If packet filtering is enabled and VPN calls are going to be initiated and/or received, PPTP Call and PPTP Receive filters MUST be added to the filtering list.

Part One: Reconfigure RAS to Enable IP Forwarding

 * 1) Click Start, point to Settings, click Control Panel, and then double-click Network.
 * 2) Click the Services tab, click Remote Access Service, and then click Properties.
 * 3) When the Remote Access Setup dialog box appears, click Network.
 * 4) In the Allow remote clients running section, click Configure next to the network protocol you want to enable. The RAS Server Configuration dialog box appears.
 * 5) In the Allow remote protocol clients to access section, click Entire Network, and then click OK.
 * 6) Repeat steps 1-5 for each protocol you want to configure.
 * 7) When you have finished configuring the network protocols, click OK.
 * 8) In the Remote Access Setup dialog box, click Continue.
 * 9) In the Network Properties dialog box, click OK, and then restart the computer when you are prompted to do so.

For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

233387 RAS Clients Cannot Access LAN When IP Forwarding is Disabled

Part Two: Configure Dynamic Host Configuration Protocol (DHCP) Windows Internet Name Service (WINS) NetBIOS Name Resolution Options

 * 1) Click Start, point to Programs, point to Administrative Tools (Common), and then click DHCP Manager.
 * 2) On the DHCP Servers tab, double-click Local Machine, and then click the DHCP scope you want to enable.
 * 3) On the DHCP Manager menu, click DHCP Options, and then click Global. The DHCP Options Global dialog box appears.
 * 4) In the Unused Options box, click 044 WINS/NBNS Servers, click Add, and then click Values. Click Edit Array, and then type the IP address of the WINS server (typically, this value is 10.0.0.2).
 * 5) In the Unused Options box, click 046 WINS/NBT Node Type, click Add, and then click Values. In the Byte box, type 0x8, and then click OK.
 * 6) Quit DHCP Manager.

This procedure provides DHCP clients with IP addresses and WINS server name resolution when they obtain an IP lease from the DHCP server. This enables a RAS client to browse all computers on the network.



STATUS
Microsoft has confirmed that this is a problem in BackOffice Small Business Server 4.0, 4.0a, and 4.5.

Additional query words: smallbiz

Keywords: kbbug kbnofix KB218058

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.