Solved

Two computers cannot see each other while one is using VPN

Posted on 2004-10-11
10
1,732 Views
Last Modified: 2010-04-10
I have two computers; #1 running windows XP Home set up as a work group; #2 running windows XP Pro set up on a domain. Computer two is my laptop used in my office and computer one is my home desktop. When I connect commputer 2 to my home network, everything is fine until I turn VPN on. Once I do this, computer teo can no longer get to computer one. I get the message that the user name could not be found.
0
Comment
Question by:papa_bear
  • 4
  • 4
  • 2
10 Comments
 
LVL 12

Expert Comment

by:Mazaraat
ID: 12280846
From your information I am assuming you are trying to VPN to work? If so when the VPN is activated, it will disable all other traffic and route thru the VPN as the default gateway, for example - you can't browse with PC 2 on the internet either with the VPN turned on...

Try the following on your laptop:
Go to properties of VPNconnection -> Networking Tab -> TCP/IP -> Advanced button -> Clear the Use default gateway on remote network checkbox
0
 

Author Comment

by:papa_bear
ID: 12280958
Yes, I am trying to VPN to work, but I want access to my home resources, such as printers and files on my desktop computer. I do have internet access with VPN turned on, but I assume this is through my work place as if I were there on site.

Please excuse my ignorance. There is no "Netowrking" tab and when I go to the advanced button for the TCP/IP there is not a check box for "Use default gateway on remote network". I am unable to find the location you referred to.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12281100
What VPN client do you use? How do you 'turn it on'?
If, for example, you use a Cisco VPN client, then you do not have control over what you can/can't do while connected, and there is a built-in firewall client.
Try this:
 On PC#1, enable the Guest account in Control Panel, users
 On PC#2, create a LMHOSTS file with just one entry (use the PC's real name in place of "XPHOME"
    <ip address of PC#1>  <tab>  XPHOME   <tab>  #PRE

Save this as c:\winnt\system32\drivers\etc\lmosts.  <== make sure there is no .txt or other file extension

then from a DOS prompt:  C:\>nbtstat -RR

Now, try to ping PC#1 by name:
  C:\>ping XPHOME
0
 

Author Comment

by:papa_bear
ID: 12281254
So this allows me to access computer one using the name but not using the IP. This is acceptable to me, but can you explain why it happens this way? For example when I do start->run->\\XPHOME it takes me to computer 1 after waiting about 30-60 sec. If I do start->run->\\<IP address> I get the message mentioned above about the user name could not be found. I am confused because I thought the IP address would be recognized before the name.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12281300
The underlying network connection is still NetBios over TCP/IP. If we manually set up the Netbios/IP address mapping using a LMHOSTS file, then the netbios connections are easier to make.
With the LMHOSTS file, you should still be able to connect by either IP or by name
\\XPHOME
or
\\192.168.1.100

XP HOME has some severe limitations on networking, and because you use yours at work joined to a domain, you have problems with them recognizing each other. Something else you can do to "cheat" the system - change your home workgroup name from MSHOME to the same as your work domain on the XPHOME box, and enable Netios over TCP/IP on both:

Enable NetBios over TCP/IP in WIndows XP

   Click Start, click Control Panel

   Click Network Connections.

   Right-click "Local Area Connection", and then click "Properties".

   Click on (highlight) "Internet Protocol (TCP/IP)", and then click "Properties" button

   Click the General tab, and then click "Advanced" button , bottom right.

   Click the WINS tab.

   Under "NetBIOS setting" section, click Enable NetBIOS over TCP/IP, and then click OK two times, the "close".
     ( ) Default
     (*) Enable NetBios
     ( ) Disable NetBios

   Reboot the computer.


Speed up your browsing of Windows 2000 & XP machines AND Speed up viewing shared files across a network

Here's a great tip to speed up your browsing of Windows 2000 & XP machines.
Its actually a fix to a bug installed as default in Windows 2000/XP that scans shared files for Scheduled Tasks.
And it turns out that you can experience a delay as long as 30 seconds when you try to view shared files across a network because
Windows 2000/XP is using the extra time to search the remote computer for any Scheduled Tasks.
Note that though the fix is originally intended for only those affected, Windows 2000/XP users will experience
that the actual browsing speed of both the Internet & Windows Explorers improve significantly after applying it
since it doesn't search for Scheduled Tasks anymore.
Here's how :

Open up the Registry and go to :

HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Explorer/RemoteComputer/NameSpace

Under that branch, select the key :{D6277990-4C6A-11CF-8D87-00AA0060F5BF} and delete it.

This is key that instructs Windows to search for Scheduled Tasks.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 

Author Comment

by:papa_bear
ID: 12281531
Wow, that's a huge speed improvement.

I made the other changes you suggested. I still cannot gain access with the IP number while VPN is on. Any other ideas?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12281583
Any firewall software on the XPHOME?
If you can access it now by name, does it really matter that you can't get to it by IP?
Is your local LAN a different IP subnet than the LAN at work?
What VPN client do you use?

0
 

Author Comment

by:papa_bear
ID: 12281690
Yes, I am using Mcafee Firewall Plus. I have it configured to allow this IP through. Also it still does not work if I disable the firewall.

No, as I stated before, it doesn't matter much other than my own curiosity.

I think they are the same subnet, but i do not know how to confirm.

Intel NetStructure VPN Client.

Thanks for your help so far. I appreciate it more than you can imagine.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 12281916
While you are at home, note your IP address:
C:\>ipconfig

Do the same when at work.. compare the two subnets. If they are the same, then we know why it does not work with the VPN enabled. This is such a common mistake that SO many companys make that it is irritating at best...having the company LAN using the same IP subnets as 90% of all home users using ICS or any off the shelf broadband router...

I'm sorry, but I'm not familiar with this particular VPN client...I do know, however, that if you are using a Cisco client, the client behavior while connected is completely controlled by the other end and there is nothing you can do about it.

I'm curious as well as to why it will work by name but not by IP...makes you want to go "hmmmmmm"...

Glad to be of some service, at least!

- Cheers!
0
 
LVL 12

Expert Comment

by:Mazaraat
ID: 12282392
pap bear,
Sorry about that I had "mistakenly" assumed you were using microsofts built in vpn client.  And lrmoore beat me to the repsonse =)  Thanks lrmoore =)  That was a nifty reg hack posted above also!
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Suggested Solutions

Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now