?
Solved

VPN Please help cannot access shares

Posted on 2006-11-30
8
Medium Priority
?
170 Views
Last Modified: 2010-04-08
Hi Experts

Any help appreciated.

I have 2 win2k3 servers at different locations

I connect server A to server B over internet VPN

Port forward 1723 on linksys router on server B

connects - authenticates - logs in no problem at all

Server B is a DHCP server to incoming connections.

I can use VNC to connect to server B using a lan IP 192.168.1.100

BUT I cannot access any of the network shares on server B

I tried DMZ very quickly and with no luck then turned it off again.

I can VNC backward and forward between both server a and b so I am guessing that the TCP Protocol is getting through ok.

I can ping no problem at all

any ideas??

Thanks very much.
Nik
0
Comment
Question by:nikdonovanau
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 9

Expert Comment

by:jjoseph_x
ID: 18047764
If you try to access the machines via the IP like \\192.168.0.11 do you see their shares?   Because it could be a name resolution issue.
0
 
LVL 1

Author Comment

by:nikdonovanau
ID: 18049220
Thanks for that - I cant access any network shares using names or ip addresses. I get the error 'no network provider accepted the given path'
0
 
LVL 9

Expert Comment

by:jjoseph_x
ID: 18049484
It sounds like NetBIOS (SMB) might not be blocked.  How are you making the VPN connection?
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 1

Author Comment

by:nikdonovanau
ID: 18089658
Thanks jjoseph_x
Sorry for the delay. My firewall setup is:
 Linksys ADSL 2 Router with http & mail ports open and forward to server -> D-Link VPN Router (in Linksys DMZ) forward vpn to server -> server with no software firewall.
The strange thing is I can ping 'server' and it resolves to 192.168.1.100 and I get 0% packet loss.
I can even VNC direct by typing 'server' in the connection box.
trying to connect via cmd I get error 67
I cannot telnet to 'server' over VPN but locally I can
Thanks again for you help thus far.
0
 
LVL 9

Expert Comment

by:jjoseph_x
ID: 18090920
Hmmm.  So VNC works fine, but telnet does not?  It really sounds like ports are being blocked (there's no other for VNC - port 5900 - to work and not telnet).

Are you sure that there are no firewalls on that box?  Not even the Microsoft built-in firewall?
0
 
LVL 1

Author Comment

by:nikdonovanau
ID: 18091009
Thanks for the reply,

I have done a port scan over the VPN connection and the following ports are open

25,42,53,80,88,110,119,135,143,389,445,464,563,593,636,691,993,995,1024,1034,1723,3068,3268,3269,3306,3389,5800,5900,6001,6002,6004

Am I missing something obvious?

Thanks again
Nik
0
 
LVL 9

Accepted Solution

by:
jjoseph_x earned 2000 total points
ID: 18098184
You can telnet to the machine locally, but you can't access port 23 over the VPN?

As for drive mapping, port 445 TCP is used for SMB in windows 2000+ (otherwise it will use 135 tcp, and 138 and 139 UDP).

Just of the heck of it, try disabling NetBIOS over TCP for the connection (go to the properties of TCP/IP for the connection, go to the WINS tab and select the "disable NetBIOS over TCP" radio button.

0
 
LVL 1

Author Comment

by:nikdonovanau
ID: 18163069
Thanks for all your help experts. I was in an environment where I could not restart the server. However what I did to solve the problem is to wait until the slowest possible time, kick everyone off and reboot the server. Something so simple can be so hard sometimes.
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses
Course of the Month11 days, 12 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question