Link to home
Start Free TrialLog in
Avatar of yballan
yballanFlag for United States of America

asked on

Cisco IPSec VPN Connection with Mac only sees Public folder

Dear Experts,

I have a file server (running Windows Server 2008 R2 Standard with SP1) on our network with 3 drives, C, F, G, and have most of the shared data on F and G drives.  Using MacBook (OS v. 10.11.3), I am able to connect to server via IP address, and able to see all shared folders.
However, when I am away from the network, using Cisco VPN IPSec connection, it is able to see Public folder on C drive, but not the rest.  It also sees NAS storage on the network, but I need to have F and G drives on the file server for the Mac users.  What do I need to do?
Please advise.
Avatar of yballan
yballan
Flag of United States of America image

ASKER

Additionally, I just realized that within network, I cannot see the C drive or NAS, so with and without VPN, Mac users see completely different set of folders.  I am extremely puzzled.
Can you map the shared folder by IP address?  That is:

Net use T: \\ipaddress\folder
Net use X: \\ipaddress\nextfolder

What happens for one specific such map?  That is, what numerical server error do you get?
I think you would have to connect with credentials from the windows server envoirment - when you connect on your mac, you should have an option to put in other credentials somewhere
Avatar of yballan

ASKER

Dear John Hurst, thank you for a quick response, I wasn't sure if you meant that I map them on my PC.
When I do, it succeeds, and I am able to map it.  When I execute it from terminal on Mac, I get command not found error.
If you get the server error with a number and "Not found", that means it is not seeing the drive so then it cannot see the folder. See if you can find the server error number.

I meant map from a terminal window on the MAC.

Try mapping again from the MAC and report the exact error number.

When you use the Cisco VPN client, are you OUTSIDE the Office. You cannot map from inside the office or you will wind up on the same subnet and all will be confused.
Avatar of serialband
The net use command only works in windows.

On mac, just try to enter the share name when you connect to share (command k).

smb://your_server/F

If it's not found then you don't have access.
Avatar of yballan

ASKER

Dear Serialband,

The weird thing is, I can connect when I am within my network, and I have access to all of the shared folders.  Only with VPN, I cannot access them.  Either with IP or Shared names.
Is there an alternative to Cisco VPN?  I thought I had to use that because we have Cisco Firewall.
Cisco IPsec VPN is not the greatest tool in Windows and I do not use. I use instead NCP Secure Entry (www.ncp-e.com). Bombproof in Windows. They have a MAC version as well and you can get a full function 30-day trial. It may be worth checking out.

I use NCP on Cisco and Juniper hardware VPN machines.
Avatar of yballan

ASKER

Dear Gammelgaard, yes, I do have a place to put the Windows Credential.  This is the method I am using.

https://anders.com/guides/native-cisco-vpn-on-mac-os-x/

I put my Windows credential along with VPN PCF Shared Secret password, group name, and am able to connect to the server itself.
I just cannot see all of the shared drives, only Public on C drive.

When I am not using VPN (within my network) I can see everything as if I am a PC user.
Avatar of yballan

ASKER

Also, I do not have this issue with any of my PC users.  They all VPN from outside, and are able to connect to all shared folders.  Just 2 Mac users that have this issue.
Can you access other internal ressources when on VPN? It could be a NAT issue in the VPN config..
Ah, not the NAT issue then
Check the logs on the windows server, if you can see failed attempts and maybe a description of use
Avatar of yballan

ASKER

Dear Gammelgaard,

I cannot connect with VPN within the network, as PCs do not either, unless I am from outside.
I looked at the Event Viewer on the file server itself, I do not see any errors or warning referring to my trying to connect last night from home.
I also looked at our main server with AD, but no errors or warnings there either.

It must be something with Cisco VPN because without it, I have no issues at all, I just wish there was an alternative.
ASKER CERTIFIED SOLUTION
Avatar of John
John
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of yballan

ASKER

Dear John Hurst, thank you, I am definitely going to look into this and try it.
Dear Gammelgaard, yes, I can ping the IP, using VPN.
Avatar of yballan

ASKER

Dear John, I am now working with NCP client app, still reading through the configuration for IPSec, but I think this is the right direction for me.  Thank you.

Dear Gammelgaard, your advises helped me reach the conclusion not to keep working with Cisco Native VPN on Mac and search for other solutions.  Thank you for that.
You are very welcome and I was happy to help. New version of NCP out this past week or so and it continues to work well for me.