NetBios and VPN connection

  • Thread starter Thread starter David Silberhorn
  • Start date Start date
D

David Silberhorn

I have done quite a bit of searching but am unable to
find a definitive answer about NetBios and VPN. I have
setup quite a few VPN connections before and my results
seem to be inconsistant.

I want to resolve netbios names on the workstations I'm
connecting from. Lately, everything I've seen say you
have to have a WINS server to resolve them. However, I
am 95% sure I've done this sucessfully without a wins
server. I'm not sure I want to use a WINS server on my
network. I don't have any 9x machines on my network
either. Do I HAVE to use a WINS server for netbios
resolution through RAS?

My current situation is that I can resolve full DNS names
through RAS. I can connect to resources via ip address
or FQDN. I cannot use the normal netbios resolution. I
have played with enabling and disabling netbios on the
network cards and the vpn connections. I've played with
the different protocols available in windows 2000
server. I cannot for the life of me figure out how I got
the netbios resolution working in the past.

I though the issue might be the firewall. I haven't
figured out how to determine which end it would be on if
that's even the problem. I'm basically working with all
microsoft products so you would think it would work.

Any help would extremely appreciated.

-David silberhorn
 
You probably need to add a DNS suffix (and possibly the DNS IP) to your VPN
clients.

Depending on your configuration, you could make this happen using DHCP, but
you may have to do it manually at each client workstation

So basically, from a VPN client, if you type "ping server" (since you don't
have WINS running), your computer tries to resolve the name using DNS.
Presumably, the clients are set to use their ISP's DNS servers, which know
nothing about your internal networks.

The easiest way to fix this (if the VPN connections are not 24/7) is to add
the DNS suffix (domain.com, or domain.local, or whatever your Win2000 domain
is called) to your VPN clients. That way, if you type "ping server" the
computer will append .domain.com to the name, so in effect you are pinging
the FQDN.
 
Isaac's suggestion (to use DNS) sounds fine to me. If you really want to
use Netbios names without running WINS, the client will need an LMHOSTS file
with entries for every LAN machine you want to access by name (so that it
can resolve the name to an IP address).

Netbios name resolution without WINS fails across routers or WAN links
because LAN broadcasts are not passed.
 
Back
Top