Solved

Netgear Client to Site VPN with Windows 8.1 Clients

Posted on 2015-01-07
7
350 Views
Last Modified: 2015-01-11
I'm supporting a small office with a few road warriors who VPN back to the home office file storage computer.
This has all been working fine for months on end with both Windows 7 and Windows 8/8.1 clients.
We are using the Windows firewall throughout the clients.
We are using the Netgear Prosafe VPN Client Professional (which appears to be GreenBow based).
The clients are all terminated on a Netgear FVS336GV2 Router.

Suddenly there are problems.
A remote client can connect the tunnel but can't see the files in the office.
No pings work between the clients and the (whether they did before or not?).

Unfortunately, I don't recall all of the settings that were used but I'm fairly confident that nothing has changed.
So, some of the below is for information and *not* the most likely cause:

The office local LAN subnet is 192.168.234.0/24
The apparent VPN subnet (at least by convention in the clients) appears to be 192.168.2.0/24
(I wonder why it's not 192.168.234.0/24 to match the LAN - but the client software warns if it's set this way).
So, I rather suspect that this is OK and that I just didn't remember this detail and the router

The VPN network connection on the client is showing as a Public Network.
This doesn't seem right to me.
I don't know how to change it to Private... even though I've gone through the typical "howto" steps.  I don't know how the VPN client interacts
The original setup has the Private File and Printer sharing items on the clients set to include the LAN subnet in their scopes.

We suspect that there's something about Windows 8.1, perhaps an update, that's changed the good performance.  But, we don't know what that might be.

Some users report that rebooting their client computer fixes it for a time.  But, I've not been able to confirm this hands-on.
VPN-Router-Connections.jpg
VPN-Client.jpg
VPN-Client-Network-Connections.jpg
VPN-Client-Firewall-Typical...jpg
0
Comment
Question by:Fred Marshall
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 95

Accepted Solution

by:
John Hurst earned 500 total points
ID: 40536836
This has all been working fine for months on end with both Windows 7 and Windows 8/8.1 clients.

I wonder if this is because of recent security updates in Windows 8.1. I use NCP Secure Entry as a client (www.ncp-e.com) and there was a new complete upgrade at the introduction of Windows 8.1. Ask Netgear for a client update.

A remote client can connect the tunnel but can't see the files in the office

What happens if you try to map a drive as Z: \\192.168.234.x\folder ?  Do you get an error?  DNS could have changed.
0
 
LVL 26

Author Comment

by:Fred Marshall
ID: 40536973
John:  thanks..

This was working fine post-8.1.
The Netgear client version appears to be the same today as it was a few months ago.

I think I got it fixed but the "fix" doesn't make sense to me.

On the workstation that is the "file server" at 192.168.234.10, I added a route:
route add -p 192.168.2.0 mask 255.255.255.0 192.168.234.1 metric 3.

That seems silly because 192.168.234.1 is the gateway and default route.
It implies that packets destined for 192.168.2.0 would either:
- not depart the file-serving workstation
- not get into the tunnel at the router.

The router has been up for 29 days and I wonder if a reboot might not be the "real" fix.
Yet, the fix appears to have been at the server...... (Also Windows 8.1).
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 40536984
I am not precisely sure, but the route changes tie a bit into my comment about mapping by IP address.

I would still ask Netgear about a new client just to be sure.
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 26

Author Comment

by:Fred Marshall
ID: 40537007
Oh.  Well the thing about IP addresses vs. names is already part of the formula - so I hadn't responded about that.
But, it's darned good advice!

The client is freely downloadable and has the same version number as the ones that are installed.
I ran wireshark at each end and found that it was the server not getting back to the client.  So I think the client is working OK.
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 40537011
The IP address part is just a test to help narrow down issues.

I ran wireshark at each end and found that it was the server not getting back to the client

Thanks. The Netgear box may need a firmware update.
0
 
LVL 26

Author Closing Comment

by:Fred Marshall
ID: 40543566
Thanks for the advice.
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 40543574
@fmarshall  - You are very welcome and I was happy to help.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question