Copying files over VPN - "Network Name No Longer Available"

Remote users access the corporate network over VPN.  The Client software is Netscreen remote, and at the office end there is a Juniper firewall and Speedtouch 530 ethernet router.  Applications such as Lotus Notes and Windows Terminal Services function correctly over the VPN, but it is impossible to copy files.  From the remote workstation a drive can be mapped (using its IP address and sharename not its Netbios name) but when this drive is accessed, it refreshes approx every two seconds.  This is more noticeable if File Manager is used rather than Explorer.  Invariably any attempt to copy a file fails, even tiny files of a few KB.  I have already set the MTU value on the remote machines to a value which does not fragment packets, and set opportunistic locking to OFF on the server(s).  If anyone has overcome this problem, I would be very much obliged if they could share their knowledge.  I am getting grief from remote users, which I am passing on to the VPN supplier - and they are not best pleased.  Max points available for a solution!
LVL 1
BobPettyAsked:
Who is Participating?
 
stagiraConnect With a Mentor Commented:
Hi,
have you tried to the set flow path-mtu ?
Some Microsoft services use NetBIOS over TCP/IP. these traffic has the Don't Fragment (DF) bit set in the header of the packet.
By default, any large packets that require fragmentation will be dropped by the NetScreen if the DF bit is set.

try :

set flow path-mtu

but if the fragmentation is the issue, the Maximum Segment Size (MSS) can be set to 1350.

This can be done with the set flow tcp-mss command

try:
set flow tcp-mss 1350
0
 
BobPettyAuthor Commented:
Hi Stagira.
Thanks for your input.  I have already set the MTU to a level which avoids fragmentation, by using PING with the -f and -L switches.  This has come out at 1372 on my home laptop, more on some machines, less on others.  Seems to depend on the broadband/ISP/Location.
I am intrigued by your comment about SET FLOW PATH-MTU and SET FLOW TCP-MSS  No machine I have so-far come across has had these as environment variables.  Please can you give more information?  Thanks.
0
 
stagiraCommented:
Hi,
those options is for the netscreen (juniper firewall).
0
 
BobPettyAuthor Commented:
Hi Stagira

I have passed you comments on to the VPN provider, as I have no access to the Juniper firewall/Speedtouch modem/router.  Will let you know when they get themselves into gear.  Thanks for the input.
0
 
BobPettyAuthor Commented:
Hi Stagira

The VPN provider has now done the necessary, and I have successfully copied files and directories to and from the remote machine.  I am happy to award you the maximum points.  Thank you for your input and expertise.  Moderators, please will you now close this question.
0
All Courses

From novice to tech pro — start learning today.