[Vpn-help] Browsing Windows Network Shares
Markus Stockhausen
markus.stockhausen at collogia.de
Tue Mar 4 15:16:18 CST 2008
>Markus Stockhausen wrote:
>> Hallo everybody.
>>
>> I'm very happy to have finished a VPN Setup with the (fabulous)
>> Shrew VPN Client and a Juniper Netscreen SSG-140 using Certificates
>> and XAuth. Everything runs like a charm on my Windows PC (DNS,
>> Routing, ...). But there is one thing left I cannot get to work:
>> Browsing of Network Shares. At the moment I end up with getting
>> the Logon Screen displayed and I enter my username and password and
>> afterwards the system hangs.
>>
>> I tried to supply the DNS/WINS IP addresses in the client
>> directly and everything I suspect to be not provided by the
>> Firewall device. I'm quite stuck and do not know what type of
>> debug output I could provide to narrow down the reaseon of this
>> problem.
>>
>> Any help is appreciated. Thanks in advance.
>>
>
>Markus,
>
>I'm not sure how feasible this is, but have you tried accessing the
>windows network share from within the same network ( not over the VPN )?
>The reason I ask is that I sometimes have problems doing this myself
>depending on the difference between the OS versions and computer ID
>settings ( workgroup names, domain memberships, etc ... ). I assume you
>can resolve the remote host via WINS or you wouldn't be getting the
>authentication dialog popup. Seeing this dialog mostly proves the WINS
>resolution and IPsec communications is working as intended.
>
>One of the tools you can use is nbtstat -c to list the WINS resolver
>cache. If you see the host you are attempting to connect with, then the
>host name was resolved correctly via WINS. I just ran some regression
>tests with the Shrew Soft client and was able to successfully browse a
>windows share between 2 XP hosts across a VPN connection. I am using
>samba as the WINS server though so this may not be a complete apples to
>apples comparison. Sorry I can't be more help.
>
>Thanks,
>
>-Matthew
Hi,
im getting more and more confused. As you can see from the following
output (directly after connect) everything seems to work perfect.
Colnt05 is our Domain Controller, WINS & Fileserver.
C:\Dokumente und Einstellungen\markus>nbtstat -c
Intel WLAN:
Knoten-IP-Adresse: [0.0.0.0] Bereichskennung: []
Keine Namen im Cache
LAN-Verbindung:
Knoten-IP-Adresse: [192.168.2.203] Bereichskennung: []
Keine Namen im Cache
\Device\NetBT_Tcpip_{1E316282-D34C-4CB6-AB5C-7D4B73D95333}:
Knoten-IP-Adresse: [10.150.1.12] Bereichskennung: []
NetBIOS-Remotecache-Namentabelle
Name Typ Hostadresse Dauer [Sek.]
-------------------------------------------------------------
COLNT05 <20> EINDEUTIG 192.168.10.15 490
COLNT05 <00> EINDEUTIG 192.168.10.15 495
C:\Dokumente und Einstellungen\markus>nbtstat -a colnt05
Intel WLAN:
Knoten-IP-Adresse: [0.0.0.0] Bereichskennung: []
Host nicht gefunden.
LAN-Verbindung:
Knoten-IP-Adresse: [192.168.2.203] Bereichskennung: []
Host nicht gefunden.
\Device\NetBT_Tcpip_{1E316282-D34C-4CB6-AB5C-7D4B73D95333}:
Knoten-IP-Adresse: [10.150.1.12] Bereichskennung: []
NetBIOS-Namentabelle des Remotecomputers
Name Typ Status
---------------------------------------------
COLNT05 <00> EINDEUTIG Registriert
COLLOGIA <00> GRUPPE Registriert
COLLOGIA <1C> GRUPPE Registriert
COLNT05 <20> EINDEUTIG Registriert
COLLOGIA <1B> EINDEUTIG Registriert
COLLOGIA <1E> GRUPPE Registriert
COLLOGIA <1D> EINDEUTIG Registriert
..__MSBROWSE__.<01> GRUPPE Registriert
MAC Adresse = 00-E0-81-32-EB-E0
The Server colnt05 I want to connect to is in our companies Domain
while my Laptop is only set up as workgroup operation. To confirm
that it has nothing todo with the Laptop setup I configured our
firewall to accept L2TP-IPSEC connections with the Windows standard
client. The laptop is assigned the same IP in both szenarios and works
perfect with the standard client while the Shrew client only fails with
the network shares.
In my tests I encountered a second issue that makes it all more and
more misterious. I cannot make an RDP connection to the all in one
Domain/WINS/Fileserver colnt05. Every other host works without
problems.
... hm, have to sleep over it ...
Bye
Markus
****************************************************************************
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail
irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und
vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte
Weitergabe dieser Mail ist nicht gestattet.
Über das Internet versandte E-Mails können unter fremden Namen erstellt oder
manipuliert werden. Deshalb ist diese als E-Mail verschickte Nachricht keine
rechtsverbindliche Willenserklärung.
Collogia
Unternehmensberatung AG
Ubierring 11
D-50678 Köln
Vorstand:
Kadir Akin
Prof. Gerd M. Henselmann
Dr. Michael Höhnerbach
Vorsitzender des Aufsichtsrates:
Hans Kristian Langva
Registergericht: Amtsgericht Köln
Registernummer: HRB 52 497
This e-mail may contain confidential and/or privileged information. If you
are not the intended recipient (or have received this e-mail in error)
please notify the sender immediately and destroy this e-mail. Any
unauthorized copying, disclosure or distribution of the material in this
e-mail is strictly forbidden.
e-mails sent over the internet may have been written under a wrong name or
been manipulated. That is why this message sent as an e-mail is not a
legally binding declaration of intention.
Collogia
Unternehmensberatung AG
Ubierring 11
D-50678 Köln
executive board:
Kadir Akin
Prof. Gerd M. Henselmann
Dr. Michael Höhnerbach
President of the supervisory board:
Hans Kristian Langva
Registry office: district court Cologne
Register number: HRB 52 497
****************************************************************************
More information about the vpn-help
mailing list