Koozali.org: home of the SME Server

Can VPN but Can't see anything

Dan Williams

Can VPN but Can't see anything
« on: November 21, 2002, 09:54:04 PM »
Hi,
I can successfully VPN into my ESmith from home, but can not see anything, or access anything.
I have tried with the admin account, and the actual user account. and connect and authenticate on both, but can not see any shares, or other PC's in that workgroup.
Any assistance, or directions to a previous thread on this, greatly appreciated.
Thank You,
Dan Williams

Bill Talcott

Re: Can VPN but Can't see anything
« Reply #1 on: November 21, 2002, 10:25:36 PM »
Have you tried accessing the other PCs with \computername\share or \computer.ip\share, or only browsing Network Neighborhood? Do you have any other NT servers on the network?

Dan Williams

Re: Can VPN but Can't see anything
« Reply #2 on: November 21, 2002, 10:35:42 PM »
Hi Bill,
I just connected again now to test while I type this.
From a command prompt, If I "net view \computername"
I get a message saying "network path not found"
If I do a "net view \xx.xx.xx.xx"  I see the shares, and can map a drive letter that way.
Yes there is an NT Server 4.0 PDC at that location as well.
The location I am connecting to has the E-smith there (that is what I am VPN'ng into, and the location I am at has the E-Smith as well, that I am behind.
In NN I still only see my onw workgroup.
Hope this helps, thanks for replying.
Dan

Kelvin

Re: Can VPN but Can't see anything
« Reply #3 on: November 22, 2002, 11:06:54 AM »
Hi Dan,

This is a long standing issue with SME VPNs. It has something to do with WINS.

If you search the forums for WINS and VPN you'll get heaps.

Kelvin

Ray Mitchell

Re: Can VPN but Can't see anything
« Reply #4 on: November 24, 2002, 03:31:15 PM »
Dear Dan
I'm not sure if this is exactly right, someone please correct me if necessary.

If you want to be able to browse your remote shares,
you might need to make your local workstations workgroup name the same as your remote sme server workgroup name.

Also make the local workstation IP similar to the remote sme server IP with same subnet.

ie
remote sme server 192.168.1.1
subnet 255.255.255.255

local workstation IP  192.168.1.2
subnet 255.255.255.255

See if you can browse then.

If the IP's are in a different range (I'm not sure what the correct technical term is for this)
ie
remote sme server 192.168.1.1
local workstation IP  192.168.3.2

then after VPN'ing you need to connect to your remote shares using
net use M: \192.168.1.1\sharename
as you have discovered

Regards
Ray Mitchell

Bill Talcott

Re: Can VPN but Can't see anything
« Reply #5 on: November 25, 2002, 06:07:02 PM »
Dan Williams wrote:
>
> From a command prompt, If I "net view \computername"
> I get a message saying "network path not found"
> If I do a "net view \xx.xx.xx.xx"  I see the shares, and can
> map a drive letter that way.
> Yes there is an NT Server 4.0 PDC at that location as well.
> The location I am connecting to has the E-smith there (that
> is what I am VPN'ng into, and the location I am at has the
> E-Smith as well, that I am behind.
> In NN I still only see my onw workgroup.
> Hope this helps, thanks for replying.
> Dan

Kelvin is right. It's a WINS (Windows naming server) issue. If you're actually using the NT4 server as a PDC (as we are here), you should specify to the SME the IP of the NT4 to use for WINS. A search should turn up the command to use, as Kelvin suggested. We have an NT4 PDC which we use for WINS. It works great, but I'm not sure how well the SME itself handles WINS stuff for PPTP connections (just based on all the questions about it).

Ray Mitchell wrote:
>
> I'm not sure if this is exactly right, someone please correct
> me if necessary.
>
> If you want to be able to browse your remote shares,
> you might need to make your local workstations workgroup name
> the same as your remote sme server workgroup name.
>
> Also make the local workstation IP similar to the remote sme
> server IP with same subnet.
>
> ie
> remote sme server 192.168.1.1
> subnet 255.255.255.255
>
> local workstation IP  192.168.1.2
> subnet 255.255.255.255
>
> See if you can browse then.
>
> If the IP's are in a different range (I'm not sure what the
> correct technical term is for this)
> ie
> remote sme server 192.168.1.1
> local workstation IP  192.168.3.2
>
> then after VPN'ing you need to connect to your remote shares
> using
> net use M: \192.168.1.1\sharename
> as you have discovered

I think you're right about using the same workgroup name. In the default Network Neighborhood view, you'll only see your own workgroup. That's exactly what it's supposed to do. You'd have to browse the "Entire Network" to see other workgroups.

As for the similar IP thing, I think that might be exactly the opposite of what you want. If you use the same IP range, it can cause problems because it thinks the IP is local when it is actually remote. You shouldn't have problems using different IP ranges...

Since you have an SME at each location, you may want to look into FreeSwan to create an IPSEC tunnel. This will let you create one big LAN, as opposed to having each client create a connection (multiple NAT-ed PPTP clients can't connect to one server at the same time also).

James Douglas

Re: Can VPN but Can't see anything
« Reply #6 on: November 27, 2002, 06:36:54 AM »
in my brief experiences with sme and vpn i have been able to vpn and map drives via netbios name or ip but my browse list doesnt update

schotty

Re: Can VPN but Can't see anything
« Reply #7 on: December 03, 2002, 04:30:38 PM »
Your client should either use the wins server in the network or you should use LMHOST with all the entries for pcs on the network.

Wins Broadcast etc. do not get carried over the VPN and that is why you cant use netbios names.