Cannot access shared drives over VPN using Windows XP

Hi Folks:

   I am trying to set up a simple VPN with Windows XP Pro at each end.
   I have configured the VPN server and created a TestVPN user account. On the client machine I have set up the VPN connection and specified the correct IP address for the router attached to the VPN server computer. I have set the router to allow PPTP through to the VPN server.

  I can make the connection, but I cannot seem to access any shared folders on the VPN server. I have searched through the articles here and although they seem to address the issue, they always seems to be something which is unclear.

  I tried "net use x: \\Fileserver\testshare" where Fileserver is the name of the computer hosting the VPN, I also tried using the statric IP address of the Fileserver computer - i.e., and I also tried using the IP address of the router which passes PPTP traffic to the fileserver computer - all to no avail.

Using an LMhosts file - could someone give me a clear example? Does this file have to be on the VPN host system - i.e. fileserver or just on the client system?

Do I have to install any other protocols on the systems other than TCP/IP and File and Printer sharing and CLient for Microsoft networks

Ideally I want to be able to map the shares / drives so that files can be accessed by the remote client - such as quickbook files - so that the files are updated on the VPN host server system and not simply copied to the remote client.

Thanks in advance.

Best regards, Dave Melnyk

Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

Rob WilliamsConnect With a Mentor Commented:
>>"standard DLINK DI-524 - i.e. the router is lan address and WAN is"
Is the 70.x.x.x address the WAN of the D-Link? If so your in good shape for that part but if it's WAN is you have 2 problems.

However, not sure how familiar you are with this so let me explain the problem first, and there may be ways around it. Routing directs packets to different networks, if 2 networks use the same subnet, the routing devices do not know to which subnet to send the packets. Thus the problem with the home and office network being the same. Does a packet destined for the 192.168.0.x network get kept local, or sent to the remote network, thus often gets lost. The second problem mentioned above, is the same issue. Routers separate networks. If  above the WAN and the LAN of the D-Link both use 192.168.0.x then you have 3 locations the same. I'm not sure that is what you are saying, maybe we can clarify that.

Bridge mode; If the WAN port (     not LAN) of the D-Link has a IP, then the modem is performing NAT (network address translation), basically acting as another router. Many are not like this by the way. I might me able to be specific as to how to change if I knew the make and model. Only NAT modems can be put in bridge mode, but it is often as simple as changing an option from NAT or router mode to Bridge mode. Bridge mode effectively makes it a simple modem. Once that is done then you need to configure the WAN section of the D-Link router with the ISP connection information. If you have a dynamic connection, you probably don't have to do anything, if static you have to enter IP, subnet mask, gateway and dns, and if PPPoE you need to enter user name and password. Once done the router will have the 70.x.x.x WAN address.

Duplicate subnets; though the local and remote subnets need to be different, the Windows PPTP VPN will "usually" work if you enable the remote gateway option on the client. There is a security feature in the VPN client that blocks local connections, including local Internet access, to protect the office/remote network. It is usually enabled by default, but make sure that it is enabled.   Network connections | right click on the VPN/Virtual adapter and choose properties | Networking | TCP/IP -properties | Advanced | General | un-check  "Use default gateway on remote network"
When this is enabled, it "should" force all traffic to the office network, eliminating the possibility of a routing conflict.

Bt the way the client should obtain an IP in the same subnet as the office LAN, it will have a subnet mask of, and the gateway will be the VPN virtual adapter itself, in other words the same IP as the assigned VPN client IP address.

Perhaps some of that will help. If any doubts about the modem let us know the make and model.
Rob WilliamsCommented:
Dave, one of the first things to check is both ends should be using a different subnet. If the office uses IP's belonging to the 192.168.1.x subnet , then the remote site needs to use something else such as 192.168.2.x
Also on your router you need to enable PPTP pass-through, as well as forward port 1723 to the VPN "server" computer.
Finally, does your router's WAN/Internet/Public interface have a true public IP ? In other words is it assigned the IP to which you are trying to connect, or is that assigned to your modem? If the latter, the modem needs to be put in bridge mode.
d_melnykAuthor Commented:

   Thanks for the reply - the subnet thing may be an issue - the remote site is using the same subnet and providing me an IP address with

  The subnet thing may be a bit of a problem to overcome as the two networks are already set up and starting to change things at either one would involve a fair amount of work - and probably grief! I guess there may be no way past that problem short of using an ssl based VPN.

  The router has PPTP forwarded to port 1723 on the VPN server

   The router at the office is assigned and the modem has the true IP address - i.e. standard DLINK DI-524 - i.e. the router is lan address and WAN is

How does one put the "modem" in bridge mode?

Best regards, Dave Melnyk
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

d_melnykAuthor Commented:
Hi RobWill:

   Sorry I did not respond earlier - have been extremely busy. The issue is now no longer as pressing as we have opted to go with the netOp Remote Controlsolution which is dead simple to set up and thouroughly reliable for our needs.

   The router does indeed have the "public" or WAN address "" and the router LAN address is

The setup did have the "use default gateway on remote network" enabled, but there was still no ability to 'browse" for network shares.Could this be because the client machine also had a netbeui protocol installed as well as TCP/IP (netbeui was installed to use on another network when connected locally)?

Best regards, Dave Melnyk

Rob WilliamsCommented:
>>"Could this be because the client machine also had a netbeui protocol installed as well as TCP/IP "
No that is fine. NetBEUI is not routable, so it doesn't help with VPN name resolution or browsing, but it will not interfere.

I suspect the problem is the subnets being identical. One of the primary rules of a VPN is they must be different. As pointed out above, it will "usually" work, but not always and it is not proper procedure.

Cheers Dave,
Rob WilliamsCommented:
Thanks Dave,
All Courses

From novice to tech pro — start learning today.