Improve company productivity with a Business Account.Sign Up


Cannot access shared drives over VPN using Windows XP

Posted on 2006-11-17
Medium Priority
Last Modified: 2008-02-26
Hi Folks:

   I am trying to set up a simple VPN with Windows XP Pro at each end.
   I have configured the VPN server and created a TestVPN user account. On the client machine I have set up the VPN connection and specified the correct IP address for the router attached to the VPN server computer. I have set the router to allow PPTP through to the VPN server.

  I can make the connection, but I cannot seem to access any shared folders on the VPN server. I have searched through the articles here and although they seem to address the issue, they always seems to be something which is unclear.

  I tried "net use x: \\Fileserver\testshare" where Fileserver is the name of the computer hosting the VPN, I also tried using the statric IP address of the Fileserver computer - i.e., and I also tried using the IP address of the router which passes PPTP traffic to the fileserver computer - all to no avail.

Using an LMhosts file - could someone give me a clear example? Does this file have to be on the VPN host system - i.e. fileserver or just on the client system?

Do I have to install any other protocols on the systems other than TCP/IP and File and Printer sharing and CLient for Microsoft networks

Ideally I want to be able to map the shares / drives so that files can be accessed by the remote client - such as quickbook files - so that the files are updated on the VPN host server system and not simply copied to the remote client.

Thanks in advance.

Best regards, Dave Melnyk

Question by:d_melnyk
  • 4
  • 2
LVL 78

Expert Comment

by:Rob Williams
ID: 17967998
Dave, one of the first things to check is both ends should be using a different subnet. If the office uses IP's belonging to the 192.168.1.x subnet , then the remote site needs to use something else such as 192.168.2.x
Also on your router you need to enable PPTP pass-through, as well as forward port 1723 to the VPN "server" computer.
Finally, does your router's WAN/Internet/Public interface have a true public IP ? In other words is it assigned the IP to which you are trying to connect, or is that assigned to your modem? If the latter, the modem needs to be put in bridge mode.

Author Comment

ID: 17968164

   Thanks for the reply - the subnet thing may be an issue - the remote site is using the same subnet and providing me an IP address with

  The subnet thing may be a bit of a problem to overcome as the two networks are already set up and starting to change things at either one would involve a fair amount of work - and probably grief! I guess there may be no way past that problem short of using an ssl based VPN.

  The router has PPTP forwarded to port 1723 on the VPN server

   The router at the office is assigned and the modem has the true IP address - i.e. standard DLINK DI-524 - i.e. the router is lan address and WAN is

How does one put the "modem" in bridge mode?

Best regards, Dave Melnyk
LVL 78

Accepted Solution

Rob Williams earned 1000 total points
ID: 17968746
>>"standard DLINK DI-524 - i.e. the router is lan address and WAN is"
Is the 70.x.x.x address the WAN of the D-Link? If so your in good shape for that part but if it's WAN is you have 2 problems.

However, not sure how familiar you are with this so let me explain the problem first, and there may be ways around it. Routing directs packets to different networks, if 2 networks use the same subnet, the routing devices do not know to which subnet to send the packets. Thus the problem with the home and office network being the same. Does a packet destined for the 192.168.0.x network get kept local, or sent to the remote network, thus often gets lost. The second problem mentioned above, is the same issue. Routers separate networks. If  above the WAN and the LAN of the D-Link both use 192.168.0.x then you have 3 locations the same. I'm not sure that is what you are saying, maybe we can clarify that.

Bridge mode; If the WAN port (     not LAN) of the D-Link has a IP, then the modem is performing NAT (network address translation), basically acting as another router. Many are not like this by the way. I might me able to be specific as to how to change if I knew the make and model. Only NAT modems can be put in bridge mode, but it is often as simple as changing an option from NAT or router mode to Bridge mode. Bridge mode effectively makes it a simple modem. Once that is done then you need to configure the WAN section of the D-Link router with the ISP connection information. If you have a dynamic connection, you probably don't have to do anything, if static you have to enter IP, subnet mask, gateway and dns, and if PPPoE you need to enter user name and password. Once done the router will have the 70.x.x.x WAN address.

Duplicate subnets; though the local and remote subnets need to be different, the Windows PPTP VPN will "usually" work if you enable the remote gateway option on the client. There is a security feature in the VPN client that blocks local connections, including local Internet access, to protect the office/remote network. It is usually enabled by default, but make sure that it is enabled.   Network connections | right click on the VPN/Virtual adapter and choose properties | Networking | TCP/IP -properties | Advanced | General | un-check  "Use default gateway on remote network"
When this is enabled, it "should" force all traffic to the office network, eliminating the possibility of a routing conflict.

Bt the way the client should obtain an IP in the same subnet as the office LAN, it will have a subnet mask of, and the gateway will be the VPN virtual adapter itself, in other words the same IP as the assigned VPN client IP address.

Perhaps some of that will help. If any doubts about the modem let us know the make and model.
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!


Author Comment

ID: 17990431
Hi RobWill:

   Sorry I did not respond earlier - have been extremely busy. The issue is now no longer as pressing as we have opted to go with the netOp Remote Controlsolution which is dead simple to set up and thouroughly reliable for our needs.

   The router does indeed have the "public" or WAN address "" and the router LAN address is

The setup did have the "use default gateway on remote network" enabled, but there was still no ability to 'browse" for network shares.Could this be because the client machine also had a netbeui protocol installed as well as TCP/IP (netbeui was installed to use on another network when connected locally)?

Best regards, Dave Melnyk

LVL 78

Expert Comment

by:Rob Williams
ID: 17990945
>>"Could this be because the client machine also had a netbeui protocol installed as well as TCP/IP "
No that is fine. NetBEUI is not routable, so it doesn't help with VPN name resolution or browsing, but it will not interfere.

I suspect the problem is the subnets being identical. One of the primary rules of a VPN is they must be different. As pointed out above, it will "usually" work, but not always and it is not proper procedure.

Cheers Dave,
LVL 78

Expert Comment

by:Rob Williams
ID: 18043137
Thanks Dave,

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

595 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question