Small VPN Question - Win 2000 LAN Access

Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: comp.dcom.vpn (More info?)

I have a small VPN set up to allow me to access my home network remotely.
The host runs Windows 2000. It has two nics, one connected to a cable modem
(named WAN) and one connected to my LAN (named LAN). The LAN uses private
IPs in the range 192.168.0.x. Internet connection sharing is enabled on the
WAN adapter. It receives an IP from my provider. TCP/IP properties on the
Incoming Connections "adapter" are set thus:

(check) Allow callers to access my network

Specify TCP/IP address: 192.168.0.101-110
(I am aware that only one VPN connection is allowed)

(nocheck) Allow calling computer to specify it's own address

I can successfully connect to the host over the VPN and I can access it's
resources, but the host computer name does not show up in the client's
network computer browser. I must manaually map a drive by using the host's
name.

I am also unable to access any other computers on my LAN. I thought that
routes between WAN and LAN would be set up automatically during the
"Registering your computer on the network" phase, but aparently that's not
so. I suppose I could connect to all the other resources on the network with
the VPN host and share them from there in order to access them from the VPN
client, but that seems really clunky.

I've tried this with Windows 2000 and Windows XP clients with "Use default
gateway on remote host" unchecked.

The following is a copy of the server and client config info and routing
tables from a console while I am connected to the VPN. Where appropriate
actual numbers have been replaced with x1, x2, etc. to indicate matching
numbers.

Would some kind soul cast an eye over this information and please let me
know if there is something obviously wrong, or what permenant routes I would
have to set up to tie the two networks together. Also, if anyone is willing,
I wouldn't mind a short explaination of reading the routing tables. I've
been through MSs documentation and have come away without learning much.
Otherwise I wouldn't be asking :)

SERVER:
C:\>ipconfig /all

Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : PIIIxxx
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : comcast.net

Ethernet adapter WAN:
Connection-specific DNS Suffix . : comcast.net
Description . . . . . . . . . . . : Realtek RTL8139/810x
Physical Address. . . . . . . . . : 00-20-18-D5-xx-xx
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 67.167.x1.x2
Subnet Mask . . . . . . . . . . . : 255.255.255.128
Default Gateway . . . . . . . . . : 67.167.x1.x3
DHCP Server . . . . . . . . . . . : 12.242.20.34
DNS Servers . . . . . . . . . . . : 63.240.76.198
204.127.199.8
Lease Obtained. . . . . . . . . . : Wednesday, April 14, 2004
Lease Expires . . . . . . . . . . : Sunday, April 18, 2004

Ethernet adapter LAN:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : IBM 10/100 EtherJet
Physical Address. . . . . . . . . : 00-06-29-8F-xx-xx
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . :

PPP adapter RAS Server (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.101
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . :

C:\>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x1000002 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
0x1000003 ...00 20 18 d5 xx xx ...... Realtek RTL8139/810x (bla bla...)
0x1000004 ...00 06 29 8f xx xx ...... IBM 10/100 EtherJet PCI Adapter
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 67.167.x1.x3 67.167.x1.x2 1
4.158.x4.x5 255.255.255.255 67.167.x1.x3 67.167.x1.x2 1
67.167.x1.128 255.255.255.128 67.167.x1.x2 67.167.x1.x2 1
67.167.x1.x2 255.255.255.255 127.0.0.1 127.0.0.1 1
67.255.255.255 255.255.255.255 67.167.x1.x2 67.167.x1.x2 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.1 192.168.0.1 1
192.168.0.1 255.255.255.255 127.0.0.1 127.0.0.1 1
192.168.0.101 255.255.255.255 127.0.0.1 127.0.0.1 1
192.168.0.102 255.255.255.255 192.168.0.101 192.168.0.101 1
192.168.0.255 255.255.255.255 192.168.0.1 192.168.0.1 1
224.0.0.0 224.0.0.0 67.167.x1.x2 67.167.x1.x2 1
224.0.0.0 224.0.0.0 192.168.0.1 192.168.0.1 1
255.255.255.255 255.255.255.255 67.167.x1.x2 67.167.x1.x2 1
Default Gateway: 67.167.x1.x3
===========================================================================
Persistent Routes:
None
---
CLIENT:
C:\>ipconfig /all

Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : alxxx
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Wire:
Media State . . . . . . . . . . . : Cable Disconnected
Description . . . . . . . . . . . : Linksys EtherFast (bla bla...)
Physical Address. . . . . . . . . : 00-E0-98-76-xx-xx

PPP adapter BCS VPN:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.102 <IP from VPN
server
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 192.168.0.102
DNS Servers . . . . . . . . . . . : 63.240.76.198
204.127.199.8

PPP adapter ?:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 4.158.x4.x5
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 4.158.x4.x5
DNS Servers . . . . . . . . . . . : 209.244.0.3
209.244.0.4
NetBIOS over Tcpip. . . . . . . . : Disabled

C:\>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x1000003 ...00 e0 98 76 xx xx ...... Fast Ethernet PC Card
0xa000004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
0xb000005 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.102 192.168.0.102 1
0.0.0.0 0.0.0.0 4.158.x4.x5 4.158.x4.x5 2
4.158.x4.x5 255.255.255.255 127.0.0.1 127.0.0.1 1
4.255.255.255 255.255.255.255 4.158.x4.x5 4.158.x4.x5 1
67.167.x1.x2 255.255.255.255 4.158.x4.x5 4.158.x4.x5 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.102 255.255.255.255 127.0.0.1 127.0.0.1 1
192.168.0.255 255.255.255.255 192.168.0.102 192.168.0.102 1
209.244.42.10 255.255.255.255 4.158.x4.x5 4.158.x4.x5 1
224.0.0.0 224.0.0.0 4.158.x4.x5 4.158.x4.x5 1
224.0.0.0 224.0.0.0 192.168.0.102 192.168.0.102 1
255.255.255.255 255.255.255.255 4.158.x4.x5 1000003 [??] 1
Default Gateway: 192.168.0.102
===========================================================================
Persistent Routes:
None

C:\>

I added the [??]. I was surprised to see it.

I don't understand where 4.158.x4.x5 came from so I xed it. Is this the
exterior IP of the tunnel?

I understand that this whole mess can be cured by adding a router in front
of the VPN host and getting rid of one of the nics, but this isn't an option
right now. And besides, I should be able to figure it out. Unfortunately I'm
not well enough versed in reading these tables to do so.

Thank you all for your patience. Any reply is appreciated.
-SHAWN-
 
Archived from groups: comp.dcom.vpn (More info?)

> > Is NetBIOS enabled?

> You cannot enable NetBIOS with the MS PPTP VPN on Win2K.

Hi bob - I've been playing with it, and I see you're correct.

> But if you look at the same thing in the VPN
> adapter you will see that it is missing.

Well, on the Networking tab I installed NetBEUI and enabled it,
however the client says that it couldn't negotiate a protocol so
NetBEUI isn't used. There may be some crucial technical point I'm
missing here, but as far as I can see from the dox NetBEUI is NetBIOS
with a different name. I was able to see my entire LAN with this setup
(in the clien's network browser), but I still can't access computers
other than the VPN host. It boils down to the same thing: I still
can't access my LAN.

I suppose this basically means that I should look to L2TP instead of
PPTP for a tunnel, but I'm not sure I want to open that can of worms.
It's not a critical problem as I can come up with a work around
without using static IPs, but it just bugs me.

I'm certainly not going to "upgrade" to XP anytime soon, and as all
this is just hanging out there in the breeze I always intended to get
a router/firewall anyway but that won't happen for a couple of weeks
yet.

Thank you ppointer for your suggestion, and thank you Bob for your
explanation. I'm going back to shields up and make sure I got
everything buttoned up properly again.
-SHAWN-
 
Archived from groups: comp.dcom.vpn (More info?)

On 16 Apr 2004 11:05:22 -0700, shawn@testech-ltd.com (Shawn Fessenden)
wrote:

>I can successfully connect to the host over the VPN and I can access it's
>resources, but the host computer name does not show up in the client's
>network computer browser. I must manaually map a drive by using the host's
>name.

That's because MS crippled Win2K. If you look at the TCP/IP Advanced
Properties for your LAM you will see that NetBIOS is available, hence
you have name resolution. But if you look at the same thing in the VPN
adapter you will see that it is missing. XP has it, so the idea was to
force you to upgrade. Screw MS - use startic IPs for the VPN Client
and map with raw IPs.

>I am also unable to access any other computers on my LAN.

Another cripple. You can access machines on the VPN Server LAN but not
the other way.

Enough said. MS deliberately crippled NetBIOS in the PPTP VPN. If it
were an oversight it could have been easily corrected with a Service
Pack. But that is not how MS does business.

The defenders of this outrageous predatory practice tell you that if
you don't like it, buy a Mac. That's the same as telling you that if
you don't like the fact that the old Pinto automobile had a strong
propensity to blow up when rear-ended, buy a Chevy.

These people are clearly lunatics.

--

Map Of The Vast Right Wing Conspiracy:
http://www.freewebs.com/vrwc/

"You can all go to hell, and I will go to Texas."
--David Crockett
 
Archived from groups: comp.dcom.vpn (More info?)

On Fri, 16 Apr 2004 18:43:03 GMT, ppointer@nospamindspring.com wrote:

>Is NetBIOS enabled?

You cannot enable NetBIOS with the MS PPTP VPN on Win2K.

It was deliberately crippled to force the user to "upgrade" (lol) to
XP.

I wonder how many politicians Bill Gates had to buy off to get into
this envious position.

--

Map Of The Vast Right Wing Conspiracy:
http://www.freewebs.com/vrwc/

"You can all go to hell, and I will go to Texas."
--David Crockett
 
Archived from groups: comp.dcom.vpn (More info?)

On 16 Apr 2004 17:34:05 -0700, shawn@testech-ltd.com (Shawn Fessenden)
wrote:

>Well, on the Networking tab I installed NetBEUI and enabled it,

Get rid of it. Use TCP/IP. You may think it is the same as NetBIOS,
but it isn't.

You are probably the only person left in the Windows world who has
implemented that dinosaur. Believe me when I advise you to get rid of
it. I can't see you setting up a VPN with it hanging around your neck.

--

Map Of The Vast Right Wing Conspiracy:
http://www.freewebs.com/vrwc/

"You can all go to hell, and I will go to Texas."
--David Crockett
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom