Solved

Netgear Client to Site VPN with Windows 8.1 Clients

Posted on 2015-01-07
7
348 Views
Last Modified: 2015-01-11
I'm supporting a small office with a few road warriors who VPN back to the home office file storage computer.
This has all been working fine for months on end with both Windows 7 and Windows 8/8.1 clients.
We are using the Windows firewall throughout the clients.
We are using the Netgear Prosafe VPN Client Professional (which appears to be GreenBow based).
The clients are all terminated on a Netgear FVS336GV2 Router.

Suddenly there are problems.
A remote client can connect the tunnel but can't see the files in the office.
No pings work between the clients and the (whether they did before or not?).

Unfortunately, I don't recall all of the settings that were used but I'm fairly confident that nothing has changed.
So, some of the below is for information and *not* the most likely cause:

The office local LAN subnet is 192.168.234.0/24
The apparent VPN subnet (at least by convention in the clients) appears to be 192.168.2.0/24
(I wonder why it's not 192.168.234.0/24 to match the LAN - but the client software warns if it's set this way).
So, I rather suspect that this is OK and that I just didn't remember this detail and the router

The VPN network connection on the client is showing as a Public Network.
This doesn't seem right to me.
I don't know how to change it to Private... even though I've gone through the typical "howto" steps.  I don't know how the VPN client interacts
The original setup has the Private File and Printer sharing items on the clients set to include the LAN subnet in their scopes.

We suspect that there's something about Windows 8.1, perhaps an update, that's changed the good performance.  But, we don't know what that might be.

Some users report that rebooting their client computer fixes it for a time.  But, I've not been able to confirm this hands-on.
VPN-Router-Connections.jpg
VPN-Client.jpg
VPN-Client-Network-Connections.jpg
VPN-Client-Firewall-Typical...jpg
0
Comment
Question by:Fred Marshall
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 95

Accepted Solution

by:
John Hurst earned 500 total points
ID: 40536836
This has all been working fine for months on end with both Windows 7 and Windows 8/8.1 clients.

I wonder if this is because of recent security updates in Windows 8.1. I use NCP Secure Entry as a client (www.ncp-e.com) and there was a new complete upgrade at the introduction of Windows 8.1. Ask Netgear for a client update.

A remote client can connect the tunnel but can't see the files in the office

What happens if you try to map a drive as Z: \\192.168.234.x\folder ?  Do you get an error?  DNS could have changed.
0
 
LVL 26

Author Comment

by:Fred Marshall
ID: 40536973
John:  thanks..

This was working fine post-8.1.
The Netgear client version appears to be the same today as it was a few months ago.

I think I got it fixed but the "fix" doesn't make sense to me.

On the workstation that is the "file server" at 192.168.234.10, I added a route:
route add -p 192.168.2.0 mask 255.255.255.0 192.168.234.1 metric 3.

That seems silly because 192.168.234.1 is the gateway and default route.
It implies that packets destined for 192.168.2.0 would either:
- not depart the file-serving workstation
- not get into the tunnel at the router.

The router has been up for 29 days and I wonder if a reboot might not be the "real" fix.
Yet, the fix appears to have been at the server...... (Also Windows 8.1).
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 40536984
I am not precisely sure, but the route changes tie a bit into my comment about mapping by IP address.

I would still ask Netgear about a new client just to be sure.
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 
LVL 26

Author Comment

by:Fred Marshall
ID: 40537007
Oh.  Well the thing about IP addresses vs. names is already part of the formula - so I hadn't responded about that.
But, it's darned good advice!

The client is freely downloadable and has the same version number as the ones that are installed.
I ran wireshark at each end and found that it was the server not getting back to the client.  So I think the client is working OK.
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 40537011
The IP address part is just a test to help narrow down issues.

I ran wireshark at each end and found that it was the server not getting back to the client

Thanks. The Netgear box may need a firmware update.
0
 
LVL 26

Author Closing Comment

by:Fred Marshall
ID: 40543566
Thanks for the advice.
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 40543574
@fmarshall  - You are very welcome and I was happy to help.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
The goal of this Micro Tutorial is to help navigate beginning users with the app store on Windows 8. It will explain exciting features how to maximize your PC through these apps. This will be demonstrated using Windows 8 operating system.
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question