Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Netgear Client to Site VPN with Windows 8.1 Clients

Posted on 2015-01-07
7
Medium Priority
?
356 Views
Last Modified: 2015-01-11
I'm supporting a small office with a few road warriors who VPN back to the home office file storage computer.
This has all been working fine for months on end with both Windows 7 and Windows 8/8.1 clients.
We are using the Windows firewall throughout the clients.
We are using the Netgear Prosafe VPN Client Professional (which appears to be GreenBow based).
The clients are all terminated on a Netgear FVS336GV2 Router.

Suddenly there are problems.
A remote client can connect the tunnel but can't see the files in the office.
No pings work between the clients and the (whether they did before or not?).

Unfortunately, I don't recall all of the settings that were used but I'm fairly confident that nothing has changed.
So, some of the below is for information and *not* the most likely cause:

The office local LAN subnet is 192.168.234.0/24
The apparent VPN subnet (at least by convention in the clients) appears to be 192.168.2.0/24
(I wonder why it's not 192.168.234.0/24 to match the LAN - but the client software warns if it's set this way).
So, I rather suspect that this is OK and that I just didn't remember this detail and the router

The VPN network connection on the client is showing as a Public Network.
This doesn't seem right to me.
I don't know how to change it to Private... even though I've gone through the typical "howto" steps.  I don't know how the VPN client interacts
The original setup has the Private File and Printer sharing items on the clients set to include the LAN subnet in their scopes.

We suspect that there's something about Windows 8.1, perhaps an update, that's changed the good performance.  But, we don't know what that might be.

Some users report that rebooting their client computer fixes it for a time.  But, I've not been able to confirm this hands-on.
VPN-Router-Connections.jpg
VPN-Client.jpg
VPN-Client-Network-Connections.jpg
VPN-Client-Firewall-Typical...jpg
0
Comment
Question by:Fred Marshall
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 98

Accepted Solution

by:
John Hurst earned 2000 total points
ID: 40536836
This has all been working fine for months on end with both Windows 7 and Windows 8/8.1 clients.

I wonder if this is because of recent security updates in Windows 8.1. I use NCP Secure Entry as a client (www.ncp-e.com) and there was a new complete upgrade at the introduction of Windows 8.1. Ask Netgear for a client update.

A remote client can connect the tunnel but can't see the files in the office

What happens if you try to map a drive as Z: \\192.168.234.x\folder ?  Do you get an error?  DNS could have changed.
0
 
LVL 26

Author Comment

by:Fred Marshall
ID: 40536973
John:  thanks..

This was working fine post-8.1.
The Netgear client version appears to be the same today as it was a few months ago.

I think I got it fixed but the "fix" doesn't make sense to me.

On the workstation that is the "file server" at 192.168.234.10, I added a route:
route add -p 192.168.2.0 mask 255.255.255.0 192.168.234.1 metric 3.

That seems silly because 192.168.234.1 is the gateway and default route.
It implies that packets destined for 192.168.2.0 would either:
- not depart the file-serving workstation
- not get into the tunnel at the router.

The router has been up for 29 days and I wonder if a reboot might not be the "real" fix.
Yet, the fix appears to have been at the server...... (Also Windows 8.1).
0
 
LVL 98

Expert Comment

by:John Hurst
ID: 40536984
I am not precisely sure, but the route changes tie a bit into my comment about mapping by IP address.

I would still ask Netgear about a new client just to be sure.
0
 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

 
LVL 26

Author Comment

by:Fred Marshall
ID: 40537007
Oh.  Well the thing about IP addresses vs. names is already part of the formula - so I hadn't responded about that.
But, it's darned good advice!

The client is freely downloadable and has the same version number as the ones that are installed.
I ran wireshark at each end and found that it was the server not getting back to the client.  So I think the client is working OK.
0
 
LVL 98

Expert Comment

by:John Hurst
ID: 40537011
The IP address part is just a test to help narrow down issues.

I ran wireshark at each end and found that it was the server not getting back to the client

Thanks. The Netgear box may need a firmware update.
0
 
LVL 26

Author Closing Comment

by:Fred Marshall
ID: 40543566
Thanks for the advice.
0
 
LVL 98

Expert Comment

by:John Hurst
ID: 40543574
@fmarshall  - You are very welcome and I was happy to help.
0

Featured Post

Looking for a new Web Host?

Lunarpages' assortment of hosting products and solutions ensure a perfect fit for anyone looking to get their vision or products to market. Our award winning customer support and 30-day money back guarantee show the pride we take in being the industry's premier MSP.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question