Jump to content
Tuts 4 You

Vpn Connection Problems


Recommended Posts

This is not really a reversing/debugging question - except maybe for someone like me travelling all the time and needs to connect to their home network.

Anyway the question is -

I have set up a VPN connection to one PC on my home network and access it using a laptop. Both are WinXP.

The VPN connects reliably and I can ping all the IP addresses on my home network. I can also connect to ip addresses on the home network (such as the router web configuration pages).

BUT the big problem is the home network shares are not accessible using "My Network Places" or using drive mapping.

The VPN client and server are using the same workgroup name and I can see the client is getting an ip address at connection which does not conflict with the home network ip range.

If you Google for this you will find many, many examples of this same problem. None of the "solutions" work at all.

I'm pretty sure the problem is caused by the host names not being correctly resolved to ip address.

Maybe someone has found how to set up these VPN connections so they work and network shares can be browsed?

Link to comment

Another thing to check out is the WinXP firewall - I'm not claiming to be experienced in network issues, but I think the XP firewall is auto configured to block shares and file sharing?

Long shot, but might be worth checking.

Link to comment

it is necessary to try to see whether the router blocks the connections!!

and it is preferable to decontaminate the firewall bus if not it is likely to have failures!

and also if I read well if you is in dynamic IP it is harder because it is necessary to configure so that it accepts this connection!!

but if not there is very interesting software which will not give you conflict!

Link to comment
BUT the big problem is the home network shares are not accessible using "My Network Places" or using drive mapping.

Can it be map using ip address (\\192.168.x.x\shares), Is your config like this :

DSLMODEM>ROUTER>PC(XP)?

I think this is related on NetBIOS broadcast thing.....

aNtRoBs

Link to comment
Can it be map using ip address (\\192.168.x.x\shares), Is your config like this :

DSLMODEM>ROUTER>PC(XP)?

My config is exactly like this - with the PC(XP) on a LAN(workgroup)]

I think this is related on NetBIOS broadcast thing.....

aNtRoBs

Yes. I can map using ip address and get access to shares that way.

I also think the problem is netBIOS related. I've openned the ports 137..139 for netbios traffic but still does not fix it

If I use "nbtstat -R" I can see the network shares for a while using "my network places" but it is not reliable.

Thanks

Z

Edited by Ziggy
Link to comment
Guest Individual11
Can it be map using ip address (\\192.168.x.x\shares), Is your config like this :

DSLMODEM>ROUTER>PC(XP)?

My config is exactly like this - with the PC(XP) on a LAN(workgroup)]

I think this is related on NetBIOS broadcast thing.....

aNtRoBs

Yes. I can map using ip address and get access to shares that way.

I also think the problem is netBIOS related. I've openned the ports 137..139 for netbios traffic but still does not fix it

If I use "nbtstat -R" I can see the network shares for a while using "my network places" but it is not reliable.

Thanks

Z

Ziggy,

This definitely sounds like a netBios issue as by default, netBios uses broadcasts to the local segment and these datagrams will not by default traverse a routed link to leave the local subnet. Couple of things you might try, the best of which I suspect will be to enable netBIOS over TCP (thus permitting the traffic to be routed) by selecting the relevant card in Network connections --> TCP/IP Properties --> Advanced --> WINS --> Enable netBIOS over TCP/IP. The other thing that may work is enabling LMHosts (on the same screen as the netBIOS over TCP/IP. I believe that LMHosts is the equivalent of a normal hosts file except for netBIOS services, thus known destinations may be defined here thus negating the need for a WINS server. The LMHosts file is located in the same dir as the regular hosts file, that is %SystemRoot%\System32\Drivers\Etc and the format is the same. eg

192.168.1.10 Workstation1

192.168.1.11 Workstation2 FredsBox Graphics

etc I think multiple names may be assigned to a single host in the same way as in the Hosts file, by simply seperating them with a space. You can also define domain names by preceeding the assigned name with #DOM (unusually for Windows this is case sensitive and MUST be uppercase):

192.168.1.10 Workstation1 #DOM:HOMENET

The enable netBIOS over TCP/IP method *may* not allow you to browse the resources, I`m unsure, however you should definitely be able to use a share with net use Z: \\192.168.1.10\station1share etc

Hope this works for you, I certainly have shares on different subnets whether locally or remotely, using these methods.

G`luck!

Link to comment

Thanks Individual11 and everyone who has helped on this question.

I am sure now the problem is because NetBIOS will not work reliably over the two subnets connected via the VPN. "My Network Places" will show the remote shares sometimes but it is just not reliable and often hangs for a minute or two before any kind of response.

I don't believe there is much that can be done to improve the reliability of NetBios. It is a kludge (left over from IBM networking) and is not totally reliable even on one LAN let alone on two subnets connected via VPN. Setting up host details in LMHOSTS did not help much. Maybe setting up a WINS server might help, but I think the fundamental problems with NetBios will still mean using "My Network Places" is not reliable.

I should also mention that I have set up all the ip addresses to be static. I've found in the past that NetBios is not reliable even on one LAN unless the ip addresses are static.

I've found the simplist and most reliable solution to accessing shares via a VPN is to set up a "network place" or desktop shortcut to each share using direct addressing eg. \\192.168.0.x\share.

I've found using the ip address and share name works reliably and does not hang if the VPN is not connected or the share is not found. Also the HOSTS file on the remote PC can be set up to translate the remote host name to ip address and means the host name shortcut to the share (eg \\MyHomePC\share) is easier to remember.

Again thanks to everyone who has helped. Maybe this topic might also help someone else in the future.

Cheers

Z

Edited by Ziggy
Link to comment

I'm glad you found the simplist and most reliable solution to accessing shares via a VPN..

That's the one i always do when i'm doing some confirmation and troubleshooting regarding connection issue......since i've tried to setup site to site VPN few years back, and I always tick NetBIOS broadcast on the router so i can browse HOSTNAME in Microsoft Windows Network in My Network Places....... but in your case is client to server.... Anyway you've found your solution.

GrEeTz,

aNtRoBs

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...