VPN Folder Sharing

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

The setup:
2 XP pro boxes behind separate routers on DSL - different locations.
VPN connects OK. Confirmed through Remote Desktop Connection and logmein.
Also, using a dynamic dns on both sides.

Everything works fine except I cannot share a folder or drive.
Have tried \\computer name\folder, \\dynamic dns\computer name\folder, ...

And I thought the hard part was going to be stting up the firewalls and
routers.

Any help would be appreciated!

Thanks,
Jack
 
jackjenkins said:
The setup:
2 XP pro boxes behind separate routers on DSL - different locations.
VPN connects OK. Confirmed through Remote Desktop Connection and
logmein. Also, using a dynamic dns on both sides.

Everything works fine except I cannot share a folder or drive.
Have tried \\computer name\folder, \\dynamic dns\computer
name\folder, ...

And I thought the hard part was going to be stting up the firewalls
and routers.

Any help would be appreciated!

Thanks,
Jack
Click to expand...

Once the tunnel is established, can you successfully ping each computer by
its private IP address? If so, it's a name resolution issue, most likely.
You could use an LMHOSTS file to take care of that....see if
http://support.microsoft.com/default.aspx?scid=kb;en-us;150800 helps.
 
Thanks for the link, lmhosts file worked great.
I guess I'll figure out the password problem tomorrow.

Thanks,
Jack
 
For the sharing I may have a problem with the ip address.
Both are 192.168.0.xxx but different locations. Should I change 1 side to
192.168.1.xxx?
When I try to map the folder, \\computername\folder It immediately comes
back with a login screen with "Computername\Guest" and a blank for password.
When I change the name and use the password the same screen come back.

Any ideas?

Thanks,
Jack
 
jackjenkins said:
For the sharing I may have a problem with the ip address.
Both are 192.168.0.xxx but different locations. Should I change 1
side to 192.168.1.xxx?
Click to expand...

Yes, you cannot have the same sub-net in use at both ends of a VPN link.
Change the subnets so that they do not conflict or overlap.
 
My only option for this router's dhcp server is 192.168.0.xxx. Since the
same router is on both ends. So eventhough I connect and can confirm a
connection on both ends via logmein, RDC, are you saying the only thing I
will be able to do is make a connection but not share? I have simple file
sharing turned off on both sides too.

Thanks,
Jack
 
jackjenkins said:
My only option for this router's dhcp server is 192.168.0.xxx. Since
the same router is on both ends.
Click to expand...

So reconfigure one of the routers. Make it occupy a different sub-net. Every
respectable router permits this.
So eventhough I connect and can
confirm a connection on both ends via logmein, RDC, are you saying
the only thing I will be able to do is make a connection but not
share?
Click to expand...

There is no problem with RDC because it does not get involved in the remote
addressing ranges. But VPN is what it says: a virtual network card on your
PC, but in the address range of a remote network. For IP routing to work on
the tunnel, the IP ranges at each end of the tunnel must be distinct.

Once you are connected on the VPN, you can't refer to the shares of the
other PC by either its WAN address or its NetBIOS name, you must use the
local LAN IP address of the PC at the far end of the VPN tunnel. For
instance, if the remote PC is 192.168.9.123 in its own LAN, and you connect
to it via VPN forwarded through its router, then you would click Start, then
Run, then type in:

\\192.168.9.123

This should open up the list of share for that PC.
I have simple file sharing turned off on both sides too.
Click to expand...

I don't think that is relevant to any of your problems at present.
 
I guess that I'm not thinking about this problem the right way.

CPU1 -- 192.168.0.101 -- Router(dhcp server) -- Public IP -- Internet--

Public IP -- Router(dhcp server) -- 192.168.0.103 -- CPU2

I have an lmhosts file on each box and nbtstat -c shows connections on boths
sides.

Am I just making this too complicated??

Jack
 
Robin,

Sorry, I read your post after I posted again.
Well, I guess I'm screwed since I can only configure the router with
192.168.0.xxx on each end. I am surprised that I can connect. So I guess it
gets confused on the password screen for mapping a drive but not for
connecting. Since I could no get past the password screen I thought it
maight have something to do with permissions.

Thanks,
Jack
 
Robin,

The best I can do with this Dlink 604 router is set static dhcp addresses.
This is a 'cheap' router. I believe it should work but...

Thanks,
Jack
 
jackjenkins said:
The best I can do with this Dlink 604 router is set static dhcp
addresses. This is a 'cheap' router.
Click to expand...

See pages 9 and 19 of the D-Link DI-504 manual. You can set the LAN address
of the router to be something other than the default 192.168.0.1 (e.g.
192.168.xxx.1, where xxx is any number in the range 1 to 255). Go to
configuration pages, top tab "Home", left tab "LAN".

The moment you have made this change, you will lose connection to the
configuration pages, and you will have to reconnect at the new LAN address.
 
Robin,

You were exactly right. I was wondering why those settings were 'grayed out'.
I obviously still have a 'forest and trees' problem though.

I still get the password screen when trying to share. When I try
\\servername\share, the password screen immediately comes back up no matter
which user, password I use.

Here is ipconfig and nbtstat -c from both sides:

Thank you so much for your help!

Jack

Server ipconfig (remote box)

PPP adapter RAS Server <Dial In> Interface:

Connection-specific DNS Suffix . :
IP Address . . . . . . . . . . . : 192.168.0.104
Subnet Mask. . . . . . . . . . . : 255.255.255.255
Default Gateway. . . . . . . . . :

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
IP Address . . . . . . . . . . . : 192.168.0.103
Subnet Mask. . . . . . . . . . . : 255.255.255.0
Default Gateway. . . . . . . . . : 192.168.0.1


Client ipconfig (home box)

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
IP Address . . . . . . . . . . . : 192.168.1.101
Subnet Mask. . . . . . . . . . . : 255.255.255.0
Default Gateway. . . . . . . . . : 192.168.1.1

PPP adapter Testvpn 2:

Connection-specific DNS Suffix . :
IP Address . . . . . . . . . . . : 192.168.0.103
Subnet Mask. . . . . . . . . . . : 255.255.255.0
Default Gateway. . . . . . . . . : 192.168.0.103

Client nbtstat -c

Local Area Connection:

Node IpAddress: [192.168.1.101] Scope Id: []

NetBios Remote Cache Name Table

Name Type Host Address Life [sec]
---------------------------------------------------------------
Workgroup <1C> Group 192.168.1.101 -1


Testvpn 2:

Node IpAddress: [192.168.0.103] Scope Id: []

NetBios Remote Cache Name Table

Name Type Host Address Life [sec]
---------------------------------------------------------------
Workgroup <1C> Group 192.168.1.101 -1



Server nbtstat -c


Local Area Connection:

Node IpAddress: [192.168.0.103] Scope Id: []

NetBios Remote Cache Name Table

Name Type Host Address Life [sec]
---------------------------------------------------------------
Workgroup <1C> Group 192.168.0.103 -1
Localcom-1 <1B> UNIQUE 192.168.1.101 -1


RAS Server <Dial in> Interface:

Node IpAddress: [192.168.0.104] Scope Id: []

NetBios Remote Cache Name Table

Name Type Host Address Life [sec]
 
jackjenkins said:
I still get the password screen when trying to share. When I try
\\servername\share, the password screen immediately comes back up no
matter which user, password I use.

Here is ipconfig and nbtstat -c from both sides:

Server ipconfig (remote box)

PPP adapter RAS Server <Dial In> Interface:

Connection-specific DNS Suffix . :
IP Address . . . . . . . . . . . : 192.168.0.104
Subnet Mask. . . . . . . . . . . : 255.255.255.255
Default Gateway. . . . . . . . . :

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
IP Address . . . . . . . . . . . : 192.168.0.103
Subnet Mask. . . . . . . . . . . : 255.255.255.0
Default Gateway. . . . . . . . . : 192.168.0.1


Client ipconfig (home box)

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
IP Address . . . . . . . . . . . : 192.168.1.101
Subnet Mask. . . . . . . . . . . : 255.255.255.0
Default Gateway. . . . . . . . . : 192.168.1.1

PPP adapter Testvpn 2:

Connection-specific DNS Suffix . :
IP Address . . . . . . . . . . . : 192.168.0.103
Subnet Mask. . . . . . . . . . . : 255.255.255.0
Default Gateway. . . . . . . . . : 192.168.0.103
Click to expand...

The VPN virtual adapter on the client has an identical IP address to the
Server's address on its own LAN. This is not right.

I think the issue might be a clash between static IPs overlapping
DHCP-issued ones.

If you allocate a static IP to your VPN Server, you must ensure that this
static IP address is within the sub-net of the router, but outside the DHCP
allocation pool of the router's DHCP server. For instance, if the router's
DHCP pool range is 192.168.0.100 and higher, then you should allocate static
IPs in the range 192.168.0.2 to 192.168.0.99.

So, first ensure that all statically allocated IP addresses are outside the
DHCP ranges of the routers.

Now, open the properties of "Incoming Connections" in the VPN Server's
Network Connections. Click tab Networking. Select "Internet Protocol
(TCP/IP)" and click Properties. There you will see a dialog for assigning
the TCP/IP addresses for the VPN link. These addresses by default will be
obtained from the VPN Server's DHCP server; i.e. the router. If you had
allocated an IP address to the VPN server from within the DHCP pool of the
router, then the same IP address could be issued by the router's DHCP server
to the VPN link end-points. Another way of preventing this happening is to
allocate a range of static IP addresses (within the router's LAN subnet
range, but outside the DHCP pool) to the VPN link. You need two IP
addresses per VPN connection (one for each end of the link).

Once you have made these changes, try all the ipconfig analysis again.
 
Robin,

Thank you so much for the time you have spent responding.
It is working however the ip addresses I chose were at the upper end of the
pool. I put them just outside the pool and could not connect again after
configuring firewalls, routers, etc. Then I extended the range just to get
things working again and I can now share folders with \\192.168.x.xxx\share.
I guess changing to 192.168.0.xxx and 192.168.1.xxx on the routers worked.
However there are some funny entries on ipconfig, nbtstat -c. I'll play with
it for a few days and see what happens.

Thanks again,
Jack

Server Testvpn ipconfig (remote box)

PPP adapter RAS Server <Dial In> Interface:

Connection-specific DNS Suffix . :
IP Address . . . . . . . . . . . : 192.168.0.202
Subnet Mask. . . . . . . . . . . : 255.255.255.255
Default Gateway. . . . . . . . . :

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
IP Address . . . . . . . . . . . : 192.168.0.201
Subnet Mask. . . . . . . . . . . : 255.255.255.0
Default Gateway. . . . . . . . . : 192.168.0.1


Client ipconfig (home box)

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
IP Address . . . . . . . . . . . : 192.168.1.201
Subnet Mask. . . . . . . . . . . : 255.255.255.0
Default Gateway. . . . . . . . . : 192.168.1.1

PPP adapter Testvpn 2:

Connection-specific DNS Suffix . :
IP Address . . . . . . . . . . . : 192.168.0.203
Subnet Mask. . . . . . . . . . . : 255.255.255.0
Default Gateway. . . . . . . . . : 192.168.0.203

Client (home) nbtstat -c

Local Area Connection:

Node IpAddress: [192.168.1.201] Scope Id: []

NetBios Remote Cache Name Table

Name Type Host Address Life [sec]
---------------------------------------------------------------
Workgroup <1C> Group 192.168.1.201 -1


Testvpn 2:

Node IpAddress: [192.168.0.203] Scope Id: []

NetBios Remote Cache Name Table

Name Type Host Address Life [sec]
---------------------------------------------------------------
Workgroup <1C> Group 192.168.1.201 -1
Testvpn <03> Unique 192.168.1.201 -1
Testvpn <00> Unique 192.168.1.201 -1
Testvpn <20> Unique 192.168.1.201 -1


Server nbtstat -c


Local Area Connection:

Node IpAddress: [192.168.0.201] Scope Id: []

NetBios Remote Cache Name Table

Name Type Host Address Life [sec]
---------------------------------------------------------------
Workgroup <1C> Group 192.168.0.201 -1
Localcom-1 <1B> UNIQUE 192.168.1.201 -1


RAS Server <Dial in> Interface:

Node IpAddress: [192.168.0.202] Scope Id: []

NetBios Remote Cache Name Table

Name Type Host Address Life [sec]
 
jackjenkins said:
It is working however the ip addresses I chose were at the upper end
of the pool. I put them just outside the pool and could not connect
again after configuring firewalls, routers, etc.
Click to expand...

I don't understand why this should be so. The DHCP pool range in the router
should not affect connectivity. But anyway, it works now.
Then I extended the
range just to get things working again and I can now share folders
with \\192.168.x.xxx\share. I guess changing to 192.168.0.xxx and
192.168.1.xxx on the routers worked. However there are some funny
entries on ipconfig, nbtstat -c.
Click to expand...

They look fine to me. If it now works, don't change anything!
 
Back
Top