Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Workgroup VPN Name Resolution???

Status
Not open for further replies.
jgoodman00

jgoodman00

Programmer
Joined
Jan 23, 2001
Messages
1,510
Ok, heres the scenario:

We have a Win2K Server behind a firewall router.
The Win2K server is not running a DNS service (seemed no point as clients do not register with it).
The Win2K server has the RRAS service running.
The router has passthrough enabled on the PPTP port (1723).

I can establish a VPN connection to the server from my laptop using another connection.
I can then ping the server by name, or other pc's by ip. I cannot, however, ping other pc's by name.

The LAN computers get their IP's from the router DHCP, in the range of 192.168.1.10 - 192.168.1.100
The server has a static ip of 192.168.1.2
The router has an ip of 192.168.1.1

I have tried assigning incoming connection ips from a pool in the range of 192.168.1.200 - 192.168.1.250, & also allowing the router to assign them.

No matter what I try no name resolution occurs...

However:
The router supports vpn-endpoints, & if I allow this to be the endpoint, it assigns incoming connections in the range of 192.168.1.200 - 192.168.1.250. Name resolution from these connections works perfectly. However, it does not support a VPN from a Pocket PC, so I need to use the Win2K server instead.

Any ideas on the fix?
Am I right in thinking that a workgroup uses NetBios for name resolution by default?
Why would the router terminated VPN resolve names, when a pass-through VPN does not?


Cheers,




James Goodman MCSE, MCDBA
 
Sort by date Sort by votes
quoted from
Unable to browse through PPTP/VPN connection
Symptoms: 1. If the WINS server is on the same computer as the PPTP/VPN server, and you attempt to connect to a computer using a PPTP/VPN client, you may experience following problem: 1) The NetBIOS name of the computer to which you are attempting to connect is not resolved. 2) You may receive an error message similar to the following error message: "System error 53 has occurred. The network path was not found" when using net view or opening Network Knighthood.
2. If the WINS server is not on the same computer as the PPTP server and you attempt to connect to a computer using a PPTP client, you may be able to connect to computers on your local area network (LAN), but you may be unable to connect to network shares or resources on the PPTP server.
Resolutions: Inability to browse often means the client can't resolve NetBIOS names.
1. If this is a workgroup network, enable NetBIOS over TCP/IP on the server and clients.
2. If this is domain network and the WINS server is on the same computer as the PPTP/VPN server, move the WINS server to a different computer.
3. Add the NetBEUI protocol for your PPTP tunnel instead of, or in addition to, TCP/IP.
4. By default, most routers and firewalls prevent the transmission of NetBIOS names unless you enable UDP ports 137 and 138 and TCP port 139. Try to enable UDP ports 137 and 138 and TCP port 139 across all routers and firewalls between the PPTP/VPN client and PPTP/VPN server.
5. Make sure the client has correct DNS, WINS and Master Browser settings.
6. Make sure the default gateway points to the remote network rather than to the ISP.
7. Some ISP might block ports required for NetBIOS name broadcasts.
8. If WINS address is not distributed upon connection to VPN, LMHOSTS should be configured to enable Domain to be located.
9. If you try these techniques and the client still can't browse, try to use UNC to connect to the remote resources by ip, for example, use the net use h: \\serverip\sharename command.


Robert Lin, MS-MVP, MCSE & CNE
Windows, Network, Internet, VPN, Routing and How to at
 
Upvote 0 Downvote
Hi,

Make sure that the group membership is the same, if your domain is mydomain.com and the PC is member of workgroup and you don't want to change to member of domain, change the workgroup name to mydomain.com.
Don't forget to enable broadcast name resolution on your RRAS and choose the internal adapter
 
Upvote 0 Downvote
Thanks for the replies:

Symptoms:
1. No WINS Server on network.
2. See Above.

Resolutions:
1. NetBIOS is enabled on all machines.
2. n/a
3. Added NetBEUI protocol to server, but could not add to my laptop because its a WinXP laptop with a recovery CD.
4. Relevent ports are configured to forward to RRAS server.
5. ?
6. Default Gateway is correct.
7. Dont believe ISP is blocking ports because it works when connecting to the router as an endpoint.
8. No domain.
9. Connection via IP works perfectly.

Any more suggestions, or how I can get the NetBEUI protocol for my laptop given the recovery CD situation?

Cheers,


James Goodman MCSE, MCDBA
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

StevenFromSouth
  • Locked
  • Question Question
VPN Connects but cannot access remote network computers or folders
Replies
1
Views
441
StevenFromSouth
StevenFromSouth
bechna
  • Locked
  • Question Question
Windows Server and VPN Setup
Replies
1
Views
455
DrB0b
DrB0b
bechna
  • Locked
  • Question Question
Unable to connect to VPN windows server 2019
Replies
0
Views
354
bechna
bechna
FreeSoldier
  • Locked
  • Question Question
Server 2012 R2 VPN Encryption
Replies
1
Views
391
tacohunter
tacohunter
evr72
  • Locked
  • Question Question
Wundows Server 2003 DNS can resolve names but not ip addresses
Replies
0
Views
260
evr72
evr72

Part and Inventory Search

Sponsor

Back
Top