I use a vpn to get into the servers and email at work, this worked fine when I had Win2k but now with XP Pro I can't access any of the servers, but I can VNC to my computer at work and also set up the exchange server on outlook, so there is a connection, I just can't access any of the servers, by typing the name i.e. \\xxx\xxx\xxx. It says access denide.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
VPN Problems in XP Pro
- Thread starter leonec
- Start date
John Lewis
Programmer
bcastner --
Curious -- why would you ever need to forward a port with a VPN? Even if port forwarding was indicated, why 3389?
leonec --
Now to the matter at hand.
Not a lot to work with here, but . . .
If you are getting an 'access denied', you are getting through to your server. If you weren't getting there, you would get 'network path not found', 'no route to host', or something along that line. Your error indicates that your XP computer is sending a message to the server in question, and the server is saying 'no, thank you'.
A couple of possibilties. If your work network is setup with a domain, you aren't logging into the domain. Logging onto the VPN is different from logging into the domain.
If you aren't using a domain, either your user name/password on your XP machine (at home) is different than the user name/password on the other machines. Also, some older versions of windows used plain text passwords, which XP does not use by default.
So, if you need further help . . .
A) are you using a domain or a workgroup?
B) what version of Windows (including service pack) is running on the server(s)
C) just occured to me that you might be using something other than Windows on the server, which could change things. Anything other than Windoze?
Curious -- why would you ever need to forward a port with a VPN? Even if port forwarding was indicated, why 3389?
leonec --
Now to the matter at hand.
Not a lot to work with here, but . . .
If you are getting an 'access denied', you are getting through to your server. If you weren't getting there, you would get 'network path not found', 'no route to host', or something along that line. Your error indicates that your XP computer is sending a message to the server in question, and the server is saying 'no, thank you'.
A couple of possibilties. If your work network is setup with a domain, you aren't logging into the domain. Logging onto the VPN is different from logging into the domain.
If you aren't using a domain, either your user name/password on your XP machine (at home) is different than the user name/password on the other machines. Also, some older versions of windows used plain text passwords, which XP does not use by default.
So, if you need further help . . .
A) are you using a domain or a workgroup?
B) what version of Windows (including service pack) is running on the server(s)
C) just occured to me that you might be using something other than Windows on the server, which could change things. Anything other than Windoze?
Sorry to rush the answer, but even with VPN your firewall often stands at the headend of the connection. 3389 needs to be explicitely opened.
The error message is not a denial of authorization on the server. Win2k -- Windows 2003 treats all client messages in the GUI obscurely.
Check the server log and your own even logs for details.
The reason for the sparse GUI explanation is that it is a security breach to allow suggestions why an access failed.
The error message is not a denial of authorization on the server. Win2k -- Windows 2003 treats all client messages in the GUI obscurely.
Check the server log and your own even logs for details.
The reason for the sparse GUI explanation is that it is a security breach to allow suggestions why an access failed.
John Lewis
Programmer
OK, it is possible that there is a firewall between the VPN head and the server, in which case a port may need to be opened. Don't think that is the case here, as the problem started with a new client machine and OS.
'Access denied' is a server generated error, which means the client is reaching the server and the server has a return path to respond. 'The network path could not be found' is the standard client generated response.
Still a little lost on the port 3389. Why a terminal services port for file sharing?
'Access denied' is a server generated error, which means the client is reaching the server and the server has a return path to respond. 'The network path could not be found' is the standard client generated response.
Still a little lost on the port 3389. Why a terminal services port for file sharing?
It helps to remember that TS is a service, and is given a listening port.
The default is 3389, but it can be changed.
The other "gotcha" is that while most of the TS session is TCP traffic, UDP is used for voice and some video.
For your VPN remember to enable PPTP on your tunnel on any firewall or router. Most will not do this by default.
The default is 3389, but it can be changed.
The other "gotcha" is that while most of the TS session is TCP traffic, UDP is used for voice and some video.
For your VPN remember to enable PPTP on your tunnel on any firewall or router. Most will not do this by default.
- Thread starter
- #9
It is not that different, although there are differences. The XP client conforms to RD 5.1, and does not permit shadow sessions.
If Win2k can connect and WinXP cannot it is likely the issue is the license token. When XP is installed it receives a 90 day temporary token. You may need to transfer a CAL from the old Win2k client to XP. The details can be found here:
There is a real 'bug' if the unicode language is set differently between the XP client and the TS. I doubt this applies in your case, but I mention it because it is an issue in some settings.
A good resource for all things RD is the Wiki:
If Win2k can connect and WinXP cannot it is likely the issue is the license token. When XP is installed it receives a 90 day temporary token. You may need to transfer a CAL from the old Win2k client to XP. The details can be found here:
There is a real 'bug' if the unicode language is set differently between the XP client and the TS. I doubt this applies in your case, but I mention it because it is an issue in some settings.
A good resource for all things RD is the Wiki:
- Status
Similar threads
- Locked
- Question