Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 272
  • Last Modified:

cannot access shares via VPN

Hello,

I am using Watchguard Firebox x1000 for my VPN box.

I have mobile users who when connected to the VPN try accessing shares on the network. They get messages like:
Error occured while connecting to z: to \\servername\sharename.
Microsoft Windows Network: The network name cannot be found. System error 53.

All my users are WinXPPro. I have 8 mobile users but I have one user who is able to access the share without any problem.

I am able to ping by ip and computer name over the VPN.
I can connect to any share by ip address. ie \\192.168.128.8\sharename over the VPN.
I can ping anything over the VPN.
Ipconfig shows the correct WINS and DNS settings on the mobile systems.
Using net view/network: \\servername doesnt show any shares.
I have added the entries in my lmhost and host file on the workstations
The one system I have that can connect fine seems like it is setup just like all the others.
I've made sure that the mobile users are on a different subnet.
I can use Network neighborhood to browse my network fine. but when I try to see any shares on any server it give me the same error.

Any idea what I am missing?

Thanks
0
Steviek411
Asked:
Steviek411
  • 2
1 Solution
 
saw830Commented:
Hi Steviek411,
I've seen this error with Kerberos problems occuring over VPNs.  More precisely, it has been Kerberos UDP packets getting fragmented.
Here's a MS document that may help with your problem:
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/tkerberr.mspx
To test and/or fix the UDP packet fragmentation problem, have a look at this MS document:
http://support.microsoft.com/kb/244474

Hope this helps,
Alan
0
 
Rob WilliamsCommented:
-Test if you can connect with the full computer and domain name as  \\ComputerName.domain.local  If so, add the suffix DomainName.local to the DNS configuration of the network adapter under | TCP/IP properties | Advanced | DNS | "Append these DNS suffixes (in order)" | Add ]
-You could also add entries to the LMHosts file which works well but is a bit of a paint to manage if you are connecting to multiple systems.
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/cnet/cnfd_lmh_qxqq.mspx?mfr=true
0
 
Rob WilliamsCommented:
Thanks Steviek411,
--Rob
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now