Announcement

Collapse
No announcement yet.

VPN Clients Can't View Server Resources

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • VPN Clients Can't View Server Resources

    I have W2K3 R2 Server with RRAS installed for VPN client support. The server is behind a Netgear FVS338 firewall with the VPN port opened and mapped to the server IP. The clients are all running XP Pro and have all been joined to the domain locally before they were sent out for remote access. They have all been configured using the Windows VPN connection tool. Generally, the VPN connection itself is made quickly and user authentication is very fast. However, sometimes the user can access the shared server resources and sometimes they can't -- they complained their mapped drives weren't connected and they couldn't navigate the domain via My Network Places. When I am at the client PC and have a "bad" connection I run "net view \\servername" and no resources are displayed. If I then run "net view [server ip address]" I can see all of the server resources. I can successfully ping the server name or the FQDN.

    I should point out that when I run net view on a "good" connection I can see all of the server's shared resources.

    From hours of 'net reading it appears there is a common problem with DNS resolution not being consistent over VPN connections due to server configuration problems. I've just changed the RRAS IP properties from DHCP to a "static address pool" and am waiting for a user to test this new setting -- I'm not physically at one of the remote machines at this posting.

    Can someone here shed some light on this problem?

    Thanks in advance.

  • #2
    Re: VPN Clients Can't View Server Resources

    The problem is not with DNS or the RRAS ip address settings. Neither DNS or ip addresses make network browsing or drive mappings work. NetBIOS broadcasts make network browsing work and RPC makes the network drives work. How are the drives mapped, through a logon script or permanent mappings? In either case I suspect you are mapping to \\servername\sharename. This is going to make a connection based on the server's NetBIOS name not it's FQDN. You can try to correct this by mapping to \\servername.domain.com\sharename or you can create a batch file that deletes and remakes the mappings that each user can execute when they connect via VPN. Network browsing typically is difficult to get working through a VPN connection because of the problem with getting NetBIOS broadcasts to go through the VPN connection.

    Comment


    • #3
      Re: VPN Clients Can't View Server Resources

      Thanks for the suggestion.

      I've given the VPN clients a .bat file on their desktop for them to run after making the VPN connection. Yes, you are correct, I have been specifying \\servername\sharename in the batch file. I'll modify the batch files as you suggest and test again.

      I just came back from doing an nslookup after making the VPN connection and realized that nslookup was getting the IP address for our parked domain name (comanyname.org) that matches our internal domain name. Is this part of the problem too? If so any suggestions on how to fix it?

      I'll report back in a bit after I test your changes to the batch files.

      Thanks!!
      Bob



      Originally posted by joeqwerty View Post
      The problem is not with DNS or the RRAS ip address settings. Neither DNS or ip addresses make network browsing or drive mappings work. NetBIOS broadcasts make network browsing work and RPC makes the network drives work. How are the drives mapped, through a logon script or permanent mappings? In either case I suspect you are mapping to \\servername\sharename. This is going to make a connection based on the server's NetBIOS name not it's FQDN. You can try to correct this by mapping to \\servername.domain.com\sharename or you can create a batch file that deletes and remakes the mappings that each user can execute when they connect via VPN. Network browsing typically is difficult to get working through a VPN connection because of the problem with getting NetBIOS broadcasts to go through the VPN connection.

      Comment


      • #4
        Re: VPN Clients Can't View Server Resources

        That could also be part of the problem. I would suggest setting the client option to use "use the gateway on the remote network" (or some wording to that affect). This wilkl cause your VPN clients to use the internet connection at your VPN site and should force them to use your internal DNS server(s) for DNS resolution.

        Comment


        • #5
          Re: VPN Clients Can't View Server Resources

          You've done it again!

          Looks like that change to the batch files is working -- test 4 out of 7 PCs with 100% success so far.

          I spent at least 8 hours chasing possible issues and searching the web and with one question posted on this forum the problem is solved. I can't say thanks enough!

          bob

          Comment


          • #6
            Re: VPN Clients Can't View Server Resources

            I'm glad to hear that I occasionally get something right. Good luck with the rest.

            Comment

            Working...
            X