  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 337

Cannot see other domains attached by a VPN tunnel in My Network Places

Dear experts,

I have the following situation: I have 2 VPN tunnels interconnecting 3 sites. The primary (center) site has a Netgear FVS318v3 8-port Prosafe VPN Firewall (recently changed) and the other two locations both have Linksys BEFSX41 Firewall routers. Initially the center location also had an identical Linksys box.

When I had Linksys boxes I was able to go to My Network Places->Entire Network->Microsoft Windows Network
This would show all the domain names that were interconnected by the VPN tunnels. I could also access computers in those domains from there.

I have not changed any OS settings, just placed the Netgear Firewall. So, it's gotta be a setting there.

My question is what exactly could cause the above situation?
2. How do I fix it?

Thank you in advance,

0
IvanT2006
1 Solution
 
HeavyWaterLTD Commented:
Did you have to recreate the DHCP scopes when you replaced your box?
If that's the case then maybe you forgot to add the WINS entry when re-creating the scope.
0
 
IvanT2006 (Author) Commented:
Hi

The DHCP is running off Win2k3 servers in all three locations. DHCP on the routers is off. I didn't have to recreate anything.

I also copied most of the settings from the old Linksys box. For instance, I didn't have to reconfigure the VPNs, with all the same settings I was working just fine.

The only problem so far is the one I mentioned above.

Thanks,



0
 
Rob Williams Commented:
In the VPN policy configuration of the Netgear, near the bottom, there is an option "NetBIOS enable". Have you enabled that on all routers?
Browsing often doesn't work well over VPNs as NetBIOS names are not routable. If using a WINS server, that will most often allow for proper browsing. If so, as HeavyWaterLTD suggested, make sure your DHCP server is assigning the WINS server's IP to all clients.
0
 
IvanT2006 (Author) Commented:
Hi

I had it enabled on all the routers by default.

0
 
HeavyWaterLTD Commented:
Apparently your previous Linksys setup played nicely with NetBIOS but with the introduction of the Netgear box this no longer works. If you have enabled NetBIOS passthrough on all your boxes and VPN tunnels then it may be that it will never work as your previous setup.

As RobWill mentioned, NetBIOS is not a routable protocol. For NetBIOS name resolution through layer 3 environments a more elegant solution would be to deploy WINS servers for NetBIOS name resolution. Once you do this, you have to have all your hosts (servers, clients) point to the WINS server to register.
0
 
IvanT2006 (Author) Commented:
Hi

So what would I have to do? I have a DC in each location along with tens of PCs. Would I have to enable WINS on each DC and then enable NetBIOS over TCP/IP on each machine?

Thanks
0
 
Rob Williams Commented:
Are these DCs members of the same domain? If they are, and they are replicating AD, there should be no problem or anything to configure, so long as replication is working properly. I would verify you have DNS configured on the remote DCs by running netdiag and dcdiag on those DCs. The utilities are available on some of the Windows install CDs, as part of the Windows resource kit, or from:
http://www3.ns.sympatico.ca/malagash/Downloads/Net/
There are different versions of these utilities, so if possible get them from your matching Windows CD.
NetBIOS and WINS solutions are usually more important if you do not have a local DC, though for browsing the network, WINS is a great asset.
0
 
IvanT2006 (Author) Commented:
No, in fact they are all different domains, each having its own DNS server. The problem is that without really being able to browse other domains, I cannot establish trusts. Thus the replication of DNS is impossible.
0
 
Rob Williams Commented:
Browsing relies on NetBIOS, which over a VPN pretty much requires WINS; however, AD, trusts, and replication rely on DNS. I would look at "resolving" that first. Not sure how DCdiag works between different domains, but it certainly will not hurt to run. It may point out some critical errors.
You could try making use of the LMHosts file to add the remote DC names. This might help the servers to locate one another more easily. It uses/assists with NetBIOS naming.
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/cnet/cnfd_lmh_qxqq.mspx?mfr=true
0
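
An LMHOSTS sketch for the suggestion in the last comment, added here as an example and not posted by any participant in the thread. The IP addresses, server names (DC-SITEB, DC-SITEC) and domain names (DOMAINB, DOMAINC) are constructed placeholders for the two remote sites.

```text
# %SystemRoot%\system32\drivers\etc\lmhosts   (file name has no extension)
# Constructed placeholder values: substitute the real DC addresses and names.
#
# #PRE            preload the entry into the NetBIOS name cache
# #DOM:<domain>   mark the host as a domain controller of <domain>
192.168.2.10    DC-SITEB    #PRE    #DOM:DOMAINB
192.168.3.10    DC-SITEC    #PRE    #DOM:DOMAINC
#
# Domain master browser (0x1B) entries, used for cross-subnet browsing.
# The quoted name must be exactly 20 characters: the domain name padded
# with spaces to 15 characters, followed by \0x1b.
192.168.2.10    "DOMAINB        \0x1b"    #PRE
192.168.3.10    "DOMAINC        \0x1b"    #PRE
```

After saving the file, `nbtstat -R` purges and reloads the name cache and `nbtstat -c` lists the preloaded entries. "Enable LMHOSTS lookup" must be ticked on the WINS tab of the adapter's advanced TCP/IP settings for the file to be read.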