Solved

VPN file transfer problems - "network name no longer available".

Posted on 2009-04-13
12
849 Views
Last Modified: 2012-05-06
there is a VPN (default) on windows server 2008, connected on LAN with LAN IP address. There a router with port forwards (47, 1701, 1723) to that server.

XP PC connects from internet to the server just fine, can't browse microsoft network (does not show LAN pc's), but I can easily access LAN's PC by entering IP or name and see the contents of sharing.

The problem is when I try to download something from that shared folder. I CAN download files smaller than ~1KB, but that's about it. Trying to copy larger files, gives errors:

"Cannot copy STHG: The specified network name is no longer available",
 and error about being not able to read files. ("cant open file...")

The problem is with VPN, because sharing on he same LAN works just fine. VPN connection made by administrator account.

Any ideas how to fix this?
0
Comment
Question by:Povilas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 6
12 Comments
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 20 total points
ID: 24137288
Sounds almost like an MTU issue.

Try ping'ing the computer with the following command:

   ping a.b.c.d -f -l 1472

where a.b.c.d is the IP address of the computer with the share.  Then start lowering the 1472 by two until it works.  By default (assuming you are using Windows VPN client) you should get down to 1372 before it works.

Then do the same thing from the computer with the share to the computer you are trying to copy down to.
0
 
LVL 1

Author Comment

by:Povilas
ID: 24137377
On LAN I can ping with 1472, but on the VPN, I can ping max 1372. So changing this option on Internet router should solve my problem?
0
 
LVL 57

Expert Comment

by:giltjr
ID: 24137597
No, those numbers are correct.  The packets for the VPN flow inside the "normal LAN" packets, so they must be smaller than the normal LAN packets.  By default Windows uses a MTU of 1400 for the VPN packets so that it will easly fit within the LAN packets (MTU of 1500 or 1492 typically).

You only get 1372 because IP has a 20 byte header and ICMP (ping) has a 8 byte header.  So 1372+20+8=1400.

In my experience when copying files larger than the MTU fails it has always been an issue with mismatch of MTU sizes.

Do you see any errors or unusual events in any of the event logs?
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 
LVL 1

Author Comment

by:Povilas
ID: 24137685
No I don't. No logs after failed copy over VPN.

  1   50 4294967295  connected    Loopback Pseudo-Interface 1
 19   35   1372  connected    RAS (Dial In) Interface
 10   20   1500  connected    LAN

I have changed MTU on server using this tutorial:

mwecomputers:
Another thing you can do on the Windows Server 2008 side is this:

In the console enter the following commands to change the MTU:
netsh interface ipv4 show interfaces

Take note of the id number of the wireless interface (as you will need it below), then do:
netsh interface ipv4 set subinterface id mtu=1492 store=persistent


But if I change MTU to 1372 and try to connect over the VPN, netsh interface ipv4 show interfaces Shows MTU reset to 1400.

So the question is - where should I change MTU, because internet is provided over DSL lines and it takes some time to change router's configuration. Is it possible simply to change MTU on client and server?
0
 
LVL 57

Expert Comment

by:giltjr
ID: 24137965
For now I would leave the MTU alone.  What are you using as your VPN server?
0
 
LVL 1

Author Comment

by:Povilas
ID: 24137987
Windows 2008 Server, integrated VPN server. same with XP - standart integrated VPN client.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 24138450
Is this server the same server that the share is on?
0
 
LVL 1

Author Comment

by:Povilas
ID: 24138527
The server is on the LAN and has an internal IP. It has users for simple connections to access shares, that are on that server. So this server is simple PC on the LAN with VPN ports forwarded from main router.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 24139935
O.K., it sounds like you are using a single server for both the file shares and the VPN server.  So when you do the packet capture you need to run it on the network connection representing the VPN on the server side too.
0
 
LVL 1

Author Comment

by:Povilas
ID: 24140042
I have connected local router and tryied VPN on it - same thing :-( looks like the problem is windows 2008 server software :-( The big question now is - what's that problem.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 24140597
I would then do the packet capture to see which side the problem is occurring on (server or client).
0
 
LVL 1

Accepted Solution

by:
Povilas earned 0 total points
ID: 24142952
Looks like I have found a solution, but not the roots of the problem. And a solution was deleting VPN role on the server and installing it back again without any additional configuration. At least it worked with temporary local router on the LAN. Still have no idea, why this helped, but it actually solved the problem for now.

By the way - thanks for the help.
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question