<div>
Specifically, since NETBIOS isn't routable, I am guessing that when you try to make the connection via FQDN, netbios is being blocked at the layer 3 device. What have you got in the middle?<br />

</div>


<div>
Either that, or it is a DNS zone issue.
</div>


<div>
If this is the case, you may have replication problems between sites. Check the FRS logs.
</div>


<div>
ChiefIT,<br />
DNS seems to be fine. &nbsp;This is a University. &nbsp;DNS is done centrally. &nbsp;The University helpdesk checked DNS and seemed to be fine.<br />
<br />
There is QIP which does the public DNS and then there is Active Directory DNS. &nbsp;<br />
<br />
I did a NSlookup on the IP and on the FQDN and they all match....<br />
<br />
both computers look at the same DNS server. &nbsp;There are 3 DNS server actually... &nbsp;I don't manage any of them. &nbsp;<br />
<br />
I can ping and telnet to all of the ports <br />
<br />
\\FQDN &nbsp;doesn't work or takes like 10 min to come up.<br />
<br />
\\shortname works quickly...
</div>


<div>
Anything in the hosts file?
</div>


<div>
no.. &nbsp;just the standard loop back.. &nbsp;
</div>


<div>
let me ask. &nbsp;when you just use the short name, does it just query Active Directory? NetBios?<br />
<br />
and if you use the FQDN it goes to the dns server?<br />
<br />

</div>


<div>
How many protocols do you have bound to the adaptor?
</div>


<div>
It spams the LAN with netbios. Fqdn goes to DNS.
</div>


<div>
netbios seems to work from a computer within the same network&gt;&gt; &nbsp;<br />
ip address doesn't work<br />
fqdn doesn't work.<br />
<br />
from a VPN tunnel, the IP address DOES work but short name doesn't (expected) and FQDN doesn't.<br />
<br />
TCP/IP is bound and Client for MS Networks, File and Printer Sharing.. &nbsp;
</div>


<div>
When the tunnel is established, can you contact a useful DNS server? (this I have seen before)
</div>


<div>
when I do an IPconfig/all it pulls the same DNS servers that my clients do.<br />
<br />
everything goes to 3 dns servers. &nbsp;all clients University wide and all VPN tunnels.
</div>


<div>
Can you run an actual nslookup?
</div>


<div>
Yes, it first tries to query my ISP DNS, then it goes to the tunnel DNS and resolves.<br />
<br />
<br />

</div>


<div>
That was not the answer I was expecting. Hmm. What type f VPN?
</div>


<div>
SSL VPN. &nbsp; University system... &nbsp; uses Juniper<br />
<br />
one of the other admins here was thinking something in AD. &nbsp;or on the NIC for the server itself. &nbsp;<br />
<br />

</div>


<div>
I am doubting it is the nic. I would be more likely to think it was the stack.<br />
ssl VPN... Might be the ruleset for interesting traffic.
</div>


<div>
but doesn't explain the pc that is in the same network having the issue.
</div>


<div>
As there is a lot of guessing, I would take the time and effort to perform a network capture (e.g. with WireShark), to see what's wrong with normal FQDN queries.<br />

</div>


<div>
Not sure how WireShark works. &nbsp;I will look into it.. &nbsp;
</div>


<div>
I downloaded wireshark. &nbsp;let me mess with it to capture some data.. &nbsp;<br />

</div>


<div>
Capture filter (not display filter! It's defined in the settings for the network card capture dialog) should be set to<br />
port 53 or port 135 or port 137<br />
to be sure to capture all relevant data, and not to much other traffic.<br />
<br />

</div>


<div>
how about relevant to the destination only? &nbsp;I will connect to the VPN, then launch the software and try to connect to the server..???<br />
<br />

</div>


<div>
That way you won't see what other IPs are involved in name resolution process.<br />

</div>


<div>
new information<br />
<br />
it seems to work now if you use the IP address. &nbsp;if you use the FQDN it tries to login to the server using the credentials I am logged into the laptop with. &nbsp;(this won't work) &nbsp;it doesn't prompt me for a login box to type my credentials.<br />
<br />
when I use the IP address, it prompts me within 5 seconds...<br />
<br />
.<br />
<br />

</div>


<div>
That would be windows making your life easier. Same domain names?
</div>


<div>
completely different.. &nbsp;
</div>


<div>
I am at a loss... Machine vpns in from outside subnet, connects. DNS resolves through the tunnel, and shortnames and fqdn don't work. IP address does. That sounds right?<br />
Is it possible to connect with a different application via ip and fqdn?
</div>


<div>
there are no other applications on this server. &nbsp;it is just a file server.. &nbsp; <br />
<br />
so the summary is.. &nbsp;<br />
<br />
On campus within the same firewall:<br />
shortname works<br />
FQDN works but takes 10 min for it to pop up.<br />
<br />
Off campus through VPN:<br />
Short name doesn't work<br />
FQDN doesn't work<br />
IP address works..<br />

</div>


<div>
And from outside the network, VPN established, DNS resolves &quot;hostname&quot; to &quot;ipaddress&quot;. If you take that ip address, and pop it into the run dialogue, <a href="http://file://\\ipaddress\c$" rel="ugc nofollow">\\ipaddress\c$</a>, or whatever, it works, but <a href="http://file://\\hostname\c$" rel="ugc nofollow">\\hostname\c$</a> doesn't?. Is the machine nat'd accross the firewall? I could see what you are saying not working if the NAT is wrong, or if it resolves to the internal ip, but is nat'd to a different ip.<br />

</div>


<div>
When I establish an IP address from the tunnel I do get another IP address from the tunnel range.<br />
Your describing above is the case. &nbsp;ipaddress works, hostname doesn't.. &nbsp;<br />
<br />
The tunnel if firewall to firewall. &nbsp;You still type in the public IP address of the server to access it. &nbsp;Just need to have the tunnel active or it won't connect.. &nbsp; not that it does now..<br />
<br />
we have other tunnels set up the same way and it works fine. &nbsp; &nbsp;security team here on campus thought it maybe the server. &nbsp;I don't see how.. I think it is their tunnel or something with the network routing..<br />
<br />

</div>


<div>
The tunnel is firewall to firewall? You have a site-to-site VPN, then? <br />

</div>


<div>
That doesn't make any sense. Have your network guys check their routing and rules. Have them verify them against other sites, if you have them.
</div>


<div>
they said they have. &nbsp;but who knows. &nbsp;this is why I have been trying to troubleshoot myself.. &nbsp;some of the network guys are good, some are not.. &nbsp;
</div>


<div>
Speaking as a good network guy, with a 105 site wan, something isn't right...
</div>


<div>
ports to be aware of:<br />
<br />
File sharing:<br />
445/TCP SMB over TCP<br />
137/TCP WINS/Netbios Broadcast ports<br />
138/UDP Netbios datagram port<br />
139/UDP Netbios datagram port (used for Netbios over SMB and Netbios over WINS)<br />
<br />
Authentication through kerberose: (too many to list)<br />
<a href="http://www.erdc.hpc.mil/hardSoft/Kerberos/ports" rel="ugc">http://www.erdc.hpc.mil/hardSoft/Kerberos/ports</a><br />
<br />
Remote procedure call:<br />
135/TCP<br />
<br />
DNS port:<br />
53/TCP.<br />
<br />
from the site &nbsp;you can not contact the other try a port query to see if DNS is reachable from one site to another. However, It appears like a problem with authentication whenever you use a DNS connection. You may have a ONE-WAY trust relationship between one site and the other. OR, site DNS transfers are not working from one site to the other. This means the DNS records of one site are not on the other. So, when you query on the side that can't contact the remote site, the DNS host A records are not there and &nbsp;your query goes to outside servers. Are these sites trusted sites of one another? Are the DNS zone transfers making it from one site to the other? These are questions you might ask yourself. <br />
<br />
If Netbios works, ((//servername/share)), then DNS connections certainly work if not blocked or if it is trusted.<br />
<br />
If not, you may look and see if your DNS port allows communications on the DNS port (of the site you can not contact)<br />

</div>


<div>
Not sure if this will help..<br />
<br />
here is a WireShark log from the time I typed in \\FQDN until it finally connected. &nbsp;almost 10 minutes later...<br />
<br />

</div>


<div>
sorry.. &nbsp;with the file in EXCEL<br />
<a href="https://filedb.experts-exchange.com/incoming/2009/03_w10/112041/lefty.zip" target="_blank" class="file-inline" title="dump (23 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>lefty.zip</a>
</div>


lefty.zip

<div>
You have a spanning tree loop going on. Only two retransmissions, though...
</div>


<div>
Nothing went on in that capture. From start to end no more than 4 seconds have passed. First packet is 440 seconds (0:07:20) after start of capture. Either the problematic packets are not send via that interface, or the capture filter was too restricitive.<br />

</div>


<div>
the server we are trying to connect to is 136.142.142.216<br />
the server the software is on is 136.142.142.217 &nbsp;(source)<br />
<br />
sorry.
</div>


<div>
it was an open capture. &nbsp;I can see everything in there...<br />
<br />
<br />
7 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.023558 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Cisco_8d:70:e9 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Spanning-tree-(for-bridges<wbr />)_00 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;STP &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Conf. Root = 2239/00:d0:04:6a:80:00 &nbsp;Cost = 8 &nbsp;Port = 0x8029<br />
8 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.118324 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ICMP &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Echo (ping) request<br />
9 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.118428 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ICMP &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Echo (ping) reply<br />
10 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.118559 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;TCP &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;4476 &gt;&nbsp;microsoft-ds [SYN] Seq=0 Win=65535 Len=0 MSS=1460<br />
11 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.118699 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ICMP &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Echo (ping) request<br />
12 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.118879 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;TCP &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;microsoft-ds &gt;&nbsp;4476 [SYN, ACK] Seq=0 Ack=1 Win=16384 Len=0 MSS=1460<br />
13 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.118908 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;TCP &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;4476 &gt;&nbsp;microsoft-ds [ACK] Seq=1 Ack=1 Win=65535 [TCP CHECKSUM INCORRECT] Len=0<br />
14 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.118978 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ICMP &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Echo (ping) reply<br />
15 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.119083 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SMB &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Negotiate Protocol Request<br />
16 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.11964 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SMB &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Negotiate Protocol Response<br />
17 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.120343 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SMB &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Session Setup AndX Request, NTLMSSP_NEGOTIATE<br />
18 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.120826 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SMB &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Session Setup AndX Response, NTLMSSP_CHALLENGE, Error: STATUS_MORE_PROCESSING_REQ<wbr />UIRED<br />
19 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.121157 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SMB &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Session Setup AndX Request, NTLMSSP_AUTH, User: \<br />
20 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.122018 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SMB &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Session Setup AndX Response<br />
21 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.122274 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SMB &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Tree Connect AndX Request, Path: \\OCD-DATA.OCD.PITT.EDU\IP<wbr />C$<br />
22 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.122777 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SMB &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Tree Connect AndX Response<br />
23 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.123028 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SMB &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Trans2 Request, GET_DFS_REFERRAL, File: \ocd-data.ocd.pitt.edu\.<br />
24 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.123202 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SMB &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Trans2 Response, GET_DFS_REFERRAL, Error: STATUS_NO_SUCH_DEVICE<br />
25 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.123869 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SMB &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Session Setup AndX Request, NTLMSSP_NEGOTIATE<br />
26 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.124193 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SMB &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Session Setup AndX Response, NTLMSSP_CHALLENGE, Error: STATUS_MORE_PROCESSING_REQ<wbr />UIRED<br />
27 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.124424 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SMB &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Session Setup AndX Request, NTLMSSP_AUTH, User: OCD\Administrator<br />
28 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.249701 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.216 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;136.142.142.217 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;TCP &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;microsoft-ds &gt;&nbsp;4476 [ACK] Seq=1298 Ack=1574 Win=65535 Len=0<br />

</div>


<div>
right around line 521 is where it finally connects...
</div>


<div>
@qlemo: Scroll up.<br />
@lefty431: You have my bet as to what is causing this. Even with only two retransmissions, I am guessing that you have 75 or 80 percent spanning tree in that capture. <br />

</div>


<div>
I am going to post the log from the VPN tunnel to the destination.. &nbsp;maybe that will help.. I am just going to past the stuff right in there..<br />

</div>


<div>
Is there more than one path between the client and server?
</div>


<div>
meaning file share?<br />
<br />

</div>


<div>
layer 2. That much spanning tree is a big problem.
</div>


<div>
It is a layer 2 protocol that breaks switching loops. 
</div>


<div>
hmm.. &nbsp;is there a way to update the WireShark capture? &nbsp;I tried zipping it and it wouldnt let me, &nbsp;I figured it would be easier to read...
</div>


<div>
Not sure. Maybe just attach a new file?
</div>


<div>
here is the capture from the vpn tunnel.<br />
<br />
at first it didn't work at all. &nbsp; then I used the IP address and got a prompt....<br />
<br />
<br />
<a href="https://filedb.experts-exchange.com/incoming/2009/03_w10/112064/leftyfromvpn.xls" target="_blank" class="file-inline" title="vpn (132 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>leftyfromvpn.xls</a>
</div>


leftyfromvpn.xls

<div>
Silly me :-(<br />
&nbsp;<br />
&nbsp;In the last capture are a lot of login errors for JIM-IPC\jim using NTLM. The last attempt works. This is really strange, as long as you did not re-enter your password ...<br />
<br />
About Spanning Tree: Yes, I reckon this is a real problem here. Multicasts to check for STP are ok every now and then, but the captured stuff looks like a multilink not configured correctly (as Cisco is detecting loops). If loops are detected, packets might (will) be discarded silently, as they are expected to come on more than one network port. NetBIOS has to time out then to resend requests. Might fit here.<br />
&nbsp;<br />

</div>


<div>
I didn't not enter anything, nor did I get prompted to. &nbsp;Vista is trying to use the credentials that I am logged into the laptop with.<br />
<br />
Conneting with NetBIOS works right away.<br />
<br />
meaning if I click on \\netbios name it connects in about 2 seconds. (from a computer in the same filewall) &nbsp;If I try to connect with that same computer using the \\FQDN it doesn't work. &nbsp;IP address does work.<br />
<br />
form the VPN tunnel it is a different story I suspect maybe related in some way.<br />
<br />
from the tunnel I can get it to work with an IP address about 80% of the time. &nbsp;using the FQDN it usually doesn't work and we all know the short name isn't going to work...<br />
<br />

</div>


<div>
@qlemo: It's the only thing I can think of. I am guessing that with the tunnel established, there is some problem with vlan trunking, and it is trying to prune excessivly.
</div>


<div>
anything I can test on the server? &nbsp;if I can't rule out the Univeristies equipment, I can rule out mine.. &nbsp;
</div>


<div>
Your server would have nothing to do with STP. It is a layer 2 protocol.<br />

</div>


<div>
I would hand that packet cap to your cisco guy, and ask him to look into the spanning tree.
</div>


<div>
Cisco guy.. &nbsp; Now that's funny.....
</div>


<div>
:)<br />
Well, who ever it is that is responsible for the cisco switches.<br />

</div>


<div>
Can someone tell me what happens when you do<br />
<br />
\\servername<br />
vs.<br />
\\servername.domainname.ed<wbr />u<br />
<br />
?<br />
<br />

</div>


<div>
<a href="http://articles.techrepublic.com.com/5100-10878_11-5034239.html" rel="ugc">http://articles.techrepubl<wbr />ic.com.com<wbr />/5100-1087<wbr />8_11-50342<wbr />39.html</a><br />
This explains netbios, and a bit of DNS. Shortnames are netbios, fqdn are dns. <br />

</div>


<div>
After the server is identified, the actual data is moved via CIFS, which is an updated SMB.
</div>


<div>
so if there were a routing issue, how can I narrow down to DNS vs. Netbios?
</div>


<div>
It's not a routing issue. Not really. The issue, I suspect, is that STP is pruning too much. Are your vlans trunked?<br />

</div>


<div>
good question.. &nbsp;I will find out. &nbsp;they should be...<br />

</div>


<div>
&quot;&quot;so if there were a routing issue, how can I narrow down to DNS vs. Netbios?&quot;&quot;<br />
<br />
Use NSlookup to troubleshoot DNS issues. NSLookup is strictly a DNS troubleshooting utility. <br />
<br />
Many folks don't realize this, but Ping is a multi-protocol troubleshooting utility.<br />
<br />
Ping xxx.xxx.xxx.xxx can help troubleshoot ARP<br />
Ping servername helps troubleshoot netbios<br />
Ping servername.domainname helps troubleshoot DNS. <br />
<br />
This is the same idea with UNC paths: (UNC stands for Universal Naming Convention for a reason)<br />
//xxx.xxx.xxx.xxx/share is mapping by an IP<br />
//servername/share is mapping by the netbios name<br />
//servername.domain.name/s<wbr />hare is mapping by DNS<br />
<br />
Your current issue is with DNS: The FQDN doesn't work all the time. So, either your client's preferred DNS servers are not the School's DNS servers or you have a configured Host file on the client:<br />
I wrote an article on how to simplify the troubleshooting of DNS for Experts Exchange:<br />
<br />
The article is called &quot;DNS TROUBLESHOOTING MADE EASY&quot;<br />
<a href="http://beta.experts-exchange.com/articles/Networking/Protocols/DNS/DNS-TROUBLESHOOTING-MADE-EASY.html" rel="ugc nofollow">http://beta.experts-exchange.com/articles/Networking/Protocols/DNS/DNS-TROUBLESHOOTING-MADE-EASY.html</a><br />
<br />
If you go to the articles section of EE, then you will be able to find and open the article. <br />
<br />
1) Check your preferred DNS server list on the client:<br />
2) Check your host file to make sure it is NOT configured with anything except the loopback address<br />
3) Flush your DNS cache by going to the command prompt and typing IPconfig /flushDNS<br />
<br />
Then, lets see if you have these issues with DNS. 
</div>


<div>
Used NSlookup and everything resolved correctly.<br />
able to Ping domain name and ip address. &nbsp;resolves correctly.<br />
flushed DNS on both servers and check the host file.<br />
<br />
It seems to work a little better. &nbsp;Still takes about 5 minutes for it to connect with an IP address for FQDN. &nbsp;but short name works in seconds...<br />
<br />
saw something on a blog about the NVidia network card drivers.. &nbsp;so looking into that, however I have no idea how to even troubleshoot a driver outside of just upgrading it.<br />
<br />
the server does have 4 network ports in it so I configured one of the other ports on a different IP address with a different DNS name.<br />
<br />
same thing. it connect.<br />
<br />
yesturday I took the 3rd network port and configured it to a different VLAN. &nbsp;from that vlan I tried to connect and it had the same issue.<br />
<br />
from the server I am having problems with I tried to connect to a data server and it connected with FQDN, IP and short name within seconds.<br />
<br />
so it seems to only be when connecting to THIS server. &nbsp;<br />
<br />
I have a rebuild scheduled on Friday but I want to rule EVERY thing else out. &nbsp;<br />
<br />
anything in the OS you know of I can check? &nbsp;
</div>


<div>
I can't think of anything. 
</div>


<div>
Going to upgrade to 2008 server. &nbsp;See if that does anything. &nbsp;Then rebuild.
</div>


<div>
No nothing.. &nbsp;stil the same thing.. I even put a second computer in the same vlan as this and tried to connect to that and that doesn't work either. &nbsp;The University doesn't want to admit there is an issue and they just point fingers back and forth at each other.
</div>


<div>
So, I was right, and it is a network problem. 
</div>


<div>
I guess if your going for right and wrong. &nbsp;yeah.. &nbsp;:-)
</div>


<div>
:)<br />
You really shoudl find someone to look at those STP problems... There is a loop, and that is no good.<br />

</div>


<div>
I think this has to do with the server's preferred DNS server. <br />
<br />
Can you provide a IPconfig /all of the problem child server?<br />
<br />
Also run a DCdiag /verbose and look for errors on that server. Further, look in event logs for DNS issues. Post any discrepancies with the IPconfig for us and we should be able to correct the issue. <br />
<br />
Those two things would go a long way to troubleshooting this issue before a rebuild. 
</div>


<div>
I will look into it tonight and see what I can come up with. &nbsp;The University 3 DNS servers. &nbsp;No one else is reporting an issue that I know of.. <br />
<br />
I will look and let you know.. 
</div>


<div>
Cisco looked at the network, microsoft looked at the server. &nbsp;it is a network issues with spanning tree. &nbsp;they are replacing the equipment this weekend. &nbsp;thanks for all that helped.
</div>


<div>
<div class="content wysiwyg-content">
I have an issue <br />
<br />
2 networks. &nbsp;<br />
hardware firewall between the two networks. &nbsp;no windows firewalls<br />
network 1 (wordstations) can only access network shares from a server in network 2 with the short name only. <br />
\\servername<br />
<br />
IP address works but it takes about 5 minutes for it to pop up and the <br />
<br />
full DNS name does not work<br />
\\servename.servernetwork.<wbr />com<br />
<br />
spoke to the network security people here and there seems to be no firewall issues. &nbsp;no traffic is bing dropped. &nbsp;Netbios is allowed.<br />
DNS servers report information correctly.<br />
I can telnet to all Netbios ports, I can ping the server<br />
<br />
The only thing that doesn't work is the UNC path to the fully quailifed DNS name. &nbsp;<br />
This needs to work so that we can use our SSLVPN connection to map drives.<br />
<br />
thanks
</div>
</div>


I have an issue 

2 networks.  
hardware firewall between the two networks.  no windows firewalls
network 1 (wordstations) can only access network shares from a server in network 2 with the short name only. 
\\servername

IP address works but it takes about 5 minutes for it to pop up and the 

full DNS name does not work
\\servename.servernetwork.com

spoke to the network security people here and there seems to be no firewall issues.  no traffic is bing dropped.  Netbios is allowed.
DNS servers report information correctly.
I can telnet to all Netbios ports, I can ping the server

The only thing that doesn't work is the UNC path to the fully quailifed DNS name.  
This needs to work so that we can use our SSLVPN connection to map drives.

thanks

Firewall iss or Network issue or Server issue

Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).

Windows Server 2003

Networking software modules are interfaced with a framework implemented on the machine's operating system that implements the networking functionality of the operating system. The best known frameworks are the TCP/IP model and the OSI model. Systems typically do not use a single protocol to handle a transmission. Instead they use a set of cooperating protocols, sometimes called a protocol family or protocol suite.[9] Some of the best known protocol suites include: IPX/SPX, X.25, AX.25, AppleTalk and TCP/IP. Other protocols indirectly related to networking include the hypertext transfer protocol (HTTP) and its related technologies, Dynamic Host Configuration Protocol (DHCP), Domain Name Server (DNS) and other Internet protocols.

Networking Protocols

The Internet Protocol (IP) is the principal communications protocol in the Internet protocol suite for relaying datagrams across network boundaries, organized in abstraction layers, traditionally called "Link," "Internet," "Transport" and "Application”. Its routing function enables internetworking, and essentially establishes the Internet. IP defines packet structures that encapsulate the data to be delivered. It also defines addressing methods that are used to label the datagram with source and destination information.