-
June 14th, 2004, 03:05 AM
#1
Registered User
VPN Connections
I have set up a VPN connection from a remote office to our main server using 2 Cisco PIX501 firewalls. I have established a tunnel between the two firewalls and can ping from one network to the other using both IP address and computer name.
However I cannot connect to any networked shared drives or printers.
The IP address range of the main network is 10.2.5.xxx,
and the IP address range of the remote network is 10.2.10.xxx.
I have set up the 2k3 server as a DNS and a WINS server, but without any success.
Any help solving this problem would be appreciated.
Thanks
Mike
-
June 14th, 2004, 02:30 PM
#2
Registered User
Try this: map a drive to a share you know you have access to.
For instance - if 192.168.2.110 is a server and it has a share called "open" then do this at a command line:
net use G: \\192.168.2.110\open
Note, you must have permissions to the share to do this. Another option is to do a net view
C:\WINDOWS>net view /?
The syntax of this command is:
NET VIEW
[\\computername [/CACHE] | /DOMAIN[:domainname]]
NET VIEW /NETWORK:NW [\\computername
-
June 14th, 2004, 03:14 PM
#3
Registered User
Where does the DNS/WINS server sit? Does it have entries for one network or both?
Deliver me from Swedish furniture!
-
June 15th, 2004, 02:47 AM
#4
Registered User
natcom,
Thanks for your assistance, if I enter the command line
net use G: \\10.2.5.5\public
ehere 10.2.5.5 is the IP address of the server and public is a directory which has open access to all users.
I get the responce "System error 53 has occured. Network pathe not found"
If i enter the command
net view \\jsi /domain:jsiuk
where jsi id the name of the server and jsiuk is the domain name i get the same responce as above.
silencio,
Thanks for your assistance also.
The DNS/WINS server is located at the main office, at the remote office the PIX firewall acts as a DHCP server to issue IP addresses (as recommended by Cisco), and this points to the main server as DNS and WINS server.
The DNS entries in the main server do not include anything for the remote network, I would appreciate any advice on including this.
The WINS includes static entries for the remote PC's (Obviously not suitable for DHPC assigned IP addresses, but this will be resolved after we gain acces to the main network.
Thankyou both again for trying to help, any further assistance is greatly appreciated.
Regards
Mike
-
June 15th, 2004, 11:22 AM
#5
Registered User
Originally Posted by cartman101
natcom
Thanks for your assistance, if I enter the command line
net use G: \\10.2.5.5\public
ehere 10.2.5.5 is the IP address of the server and public is a directory which has open access to all users.
I get the responce "System error 53 has occured. Network pathe not found"
If i enter the command
net view \\jsi /domain:jsiuk
where jsi id the name of the server and jsiuk is the domain name i get the same responce as above.
silencio,
Thanks for your assistance also.
The DNS/WINS server is located at the main office, at the remote office the PIX firewall acts as a DHCP server to issue IP addresses (as recommended by Cisco), and this points to the main server as DNS and WINS server.
The DNS entries in the main server do not include anything for the remote network, I would appreciate any advice on including this.
The WINS includes static entries for the remote PC's (Obviously not suitable for DHPC assigned IP addresses, but this will be resolved after we gain acces to the main network.
Thankyou both again for trying to help, any further assistance is greatly appreciated.
Regards
Mike
Error 53 is a Name Resolution error
Can you put an LMHOSTS file in the DOS Partition?
Add the server you want to connect to to the LMHOSTS File and try it again
-
June 18th, 2004, 03:03 AM
#6
Registered User
natcom
Thanks again for the assistance.
I do not have a DOS partition on the remote computer (Running XP from NTFS partition)
I have a LMHOST file specified on the remote PC, it is located in the WINDOWS/System32/Drivers/etc
This file contains the following line
JSIUK [1Bh] Domain Master Browser 10.2.5.5 Active 10.2.5.5 17 20/06/2004 11:17:34
I think that the SRV part of the DNS may not be working, can this be easily "switched on".
Further help appreciated.
Regards
Mike
-
June 18th, 2004, 11:34 AM
#7
Registered User
Hi mike on the remote machine run Net diag tell me what you get
You need to install net diag from the windows xp cd run setup from the support directory
Last edited by natcom; June 18th, 2004 at 11:40 AM.
-
June 21st, 2004, 02:35 AM
#8
Registered User
natcom,
Thanks again for your assistance.
Outout from netdiag:-
C:\Program Files\Support Tools>netdiag
.....................................
Computer Name: VPNTEST
DNS Host Name: VPNTest.jsiuk.local
System info : Windows 2000 Professional (Build 2600)
Processor : x86 Family 6 Model 6 Stepping 2, AuthenticAMD
List of installed hotfixes :
KB821557
KB823182
KB823559
KB823980
KB824105
KB824141
KB824146
KB825119
KB826939
KB828028
KB828035
KB828741
KB835732
KB837001
KB839643
KB840374
Q147222
Q308387
Q309521
Q311889
Q311967
Q312368
Q313450
Q314862
Q315000
Q315403
Q317277
Q318138
Q319580
Q323172
Q323255
Q324096
Q324380
Q326830
Q328310
Q328940
Q329048
Q329115
Q329170
Q329390
Q329441
Q329834
Q331953
Q810565
Q810577
Q810833
Q811493
Q811630
Q814033
Q815021
Q817287
Q817606
Q819696
Q828026
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : VPNTest.JSIUK.LOCAL
IP Address . . . . . . . . : 10.2.10.3
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 10.2.10.1
Primary WINS Server. . . . : 10.2.5.5
Dns Servers. . . . . . . . : 10.2.5.5
212.23.8.1
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.
No remote names have been found.
WINS service test. . . . . : Failed
The test failed. We were unable to query the WINS servers.
Ipx configration
Network Number . . . . : 00000000
Node . . . . . . . . . : 0008024cac5b
Frame type . . . . . . : 802.2
Adapter : IPX Internal Interface
Netcard queries test . . . : Passed
Ipx configration
Network Number . . . . : 00000001
Node . . . . . . . . . : 000000000001
Frame type . . . . . . : Ethernet II
Adapter : IpxLoopbackAdapter
Netcard queries test . . . : Passed
Ipx configration
Network Number . . . . : 00000001
Node . . . . . . . . . : 000000000002
Frame type . . . . . . : 802.2
Adapter : NDISWANIPX
Netcard queries test . . . : Passed
Ipx configration
Network Number . . . . : 00000000
Node . . . . . . . . . : acec20524153
Frame type . . . . . . : Ethernet II
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{0A74C3B5-69B1-495D-9CBD-EDFAFF15D6B4}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
Redir and Browser test . . . . . . : Failed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{0A74C3B5-69B1-495D-9CBD-EDFAFF15D6B4}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{0A74C3B5-69B1-495D-9CBD-EDFAFF15D6B4}
The browser is bound to 1 NetBt transport.
[FATAL] Cannot send mailslot message to '\\JSIUK*\MAILSLOT\NET\NETLOGON' via
redir. [ERROR_BAD_NETPATH]
DC discovery test. . . . . . . . . : Failed
[FATAL] Cannot find DC in domain 'JSIUK'. [ERROR_NO_SUCH_DOMAIN]
DC list test . . . . . . . . . . . : Failed
'JSIUK': Cannot find DC to get DC list from [test skipped].
Trust relationship test. . . . . . : Failed
'JSIUK': Cannot find DC to get DC list from [test skipped].
[FATAL] Secure channel to domain 'JSIUK' is broken. [ERROR_NO_LOGON_SERVERS]
Kerberos test. . . . . . . . . . . : Skipped
'JSIUK': Cannot find DC to get DC list from [test skipped].
LDAP test. . . . . . . . . . . . . : Failed
Cannot find DC to run LDAP tests on. The error occurred was: The specified d
omain either does not exist or could not be contacted.
[WARNING] Cannot find DC in domain 'JSIUK'. [ERROR_NO_SUCH_DOMAIN]
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
Netware configuration
You are not logged in to your preferred server .
Netware User Name. . . . . . . :
Netware Server Name. . . . . . :
Netware Tree Name. . . . . . . :
Netware Workstation Context. . :
IP Security test . . . . . . . . . : Passed
Service status is: Started
Service startup is: Automatic
IPSec service is available, but no policy is assigned or active
Note: run "ipseccmd /?" for more detailed information
The command completed successfully
Regards
Mike
-
June 21st, 2004, 08:53 PM
#9
Registered User
Originally Posted by cartman101
natcom,
Thanks again for your assistance.
Outout from netdiag:-
C:\Program Files\Support Tools>netdiag
.....................................
Computer Name: VPNTEST
DNS Host Name: VPNTest.jsiuk.local
System info : Windows 2000 Professional (Build 2600)
Processor : x86 Family 6 Model 6 Stepping 2, AuthenticAMD
List of installed hotfixes :
KB821557
KB823182
KB823559
KB823980
KB824105
KB824141
KB824146
KB825119
KB826939
KB828028
KB828035
KB828741
KB835732
KB837001
KB839643
KB840374
Q147222
Q308387
Q309521
Q311889
Q311967
Q312368
Q313450
Q314862
Q315000
Q315403
Q317277
Q318138
Q319580
Q323172
Q323255
Q324096
Q324380
Q326830
Q328310
Q328940
Q329048
Q329115
Q329170
Q329390
Q329441
Q329834
Q331953
Q810565
Q810577
Q810833
Q811493
Q811630
Q814033
Q815021
Q817287
Q817606
Q819696
Q828026
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : VPNTest.JSIUK.LOCAL
IP Address . . . . . . . . : 10.2.10.3
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 10.2.10.1
Primary WINS Server. . . . : 10.2.5.5
Dns Servers. . . . . . . . : 10.2.5.5
212.23.8.1
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.
No remote names have been found.
WINS service test. . . . . : Failed
The test failed. We were unable to query the WINS servers.
Ipx configration
Network Number . . . . : 00000000
Node . . . . . . . . . : 0008024cac5b
Frame type . . . . . . : 802.2
Adapter : IPX Internal Interface
Netcard queries test . . . : Passed
Ipx configration
Network Number . . . . : 00000001
Node . . . . . . . . . : 000000000001
Frame type . . . . . . : Ethernet II
Adapter : IpxLoopbackAdapter
Netcard queries test . . . : Passed
Ipx configration
Network Number . . . . : 00000001
Node . . . . . . . . . : 000000000002
Frame type . . . . . . : 802.2
Adapter : NDISWANIPX
Netcard queries test . . . : Passed
Ipx configration
Network Number . . . . : 00000000
Node . . . . . . . . . : acec20524153
Frame type . . . . . . : Ethernet II
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{0A74C3B5-69B1-495D-9CBD-EDFAFF15D6B4}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
Redir and Browser test . . . . . . : Failed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{0A74C3B5-69B1-495D-9CBD-EDFAFF15D6B4}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{0A74C3B5-69B1-495D-9CBD-EDFAFF15D6B4}
The browser is bound to 1 NetBt transport.
[FATAL] Cannot send mailslot message to '\\JSIUK*\MAILSLOT\NET\NETLOGON' via
redir. [ERROR_BAD_NETPATH]
DC discovery test. . . . . . . . . : Failed
[FATAL] Cannot find DC in domain 'JSIUK'. [ERROR_NO_SUCH_DOMAIN]
DC list test . . . . . . . . . . . : Failed
'JSIUK': Cannot find DC to get DC list from [test skipped].
Trust relationship test. . . . . . : Failed
'JSIUK': Cannot find DC to get DC list from [test skipped].
[FATAL] Secure channel to domain 'JSIUK' is broken. [ERROR_NO_LOGON_SERVERS]
Kerberos test. . . . . . . . . . . : Skipped
'JSIUK': Cannot find DC to get DC list from [test skipped].
LDAP test. . . . . . . . . . . . . : Failed
Cannot find DC to run LDAP tests on. The error occurred was: The specified d
omain either does not exist or could not be contacted.
[WARNING] Cannot find DC in domain 'JSIUK'. [ERROR_NO_SUCH_DOMAIN]
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
Netware configuration
You are not logged in to your preferred server .
Netware User Name. . . . . . . :
Netware Server Name. . . . . . :
Netware Tree Name. . . . . . . :
Netware Workstation Context. . :
IP Security test . . . . . . . . . : Passed
Service status is: Started
Service startup is: Automatic
IPSec service is available, but no policy is assigned or active
Note: run "ipseccmd /?" for more detailed information
The command completed successfully
Regards
Mike
You will need either WINS on the server, or an LMHOSTS file on the workstation.
Also, make sure the remote PC is in the same WORKGROUP as the office network...
if you want to setup WINS read below
1) Setting up WINS involves loading the WINS server on one of your servers. Once loaded you need to specify the IP address of the WINS server on each client. You should also configure the WINS server as a client of WINS, in case you need to use other resources on this server. On the remote network, the routing must be set up to get to your network.
If you want to use lmhosts, then look at the sample file provided. It's called lmhosts.sam. Basically you provide IP to netbios name resolution here. Use #PRE and #DOM:domainname switches for servers and domain controllers. Remember that these switches are cse-sensitive. All workstation will need this file and the file name must be lmhosts. There is no extension to this name. Look at the sample file,
I personally think your best option will be the LMHOSTS file
http://www.realcomputerguy.com/lmhosts.htm
http://support.microsoft.com/default...b;en-us;314884
i hope this help
Last edited by natcom; June 21st, 2004 at 09:33 PM.
-
June 22nd, 2004, 03:48 AM
#10
Registered User
The continued help is appreciated
I have entered a lmhosts file on the remote PC and the Server.
Remote PC (10.2.10.3)
10.2.5.5 jsi #PRE #DOM:JSIUK.LOCAL
10.2.5.131 mike #PRE
Server (10.2.5.5)
10.2.5.5 jsi #PRE #DOM:JSIUK.LOCAL
10.2.10.3 VPNTest #PRE
I am still unable to access the network drives.
Further information, I tried to reconnect to the the Domain using the System icon in the Control Pannel - Computer Name tab.
Network ID, This computer is part of a business network,.... My company uses a network with a domain.
Entered user name password and domain (JSIUK.LOCAL)
Entered Computer name and domain (JSIUK.LOCAL)
andreceived the following in the details section of the error report:-
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain JSIUK.LOCAL:
The error was: "This operation returned because the timeout period expired."
(error code 0x000005B4 ERROR_TIMEOUT)
The query was for the SRV record for _ldap._tcp.dc._msdcs.JSIUK.LOCAL
The DNS servers used by this computer for name resolution are not responding. This computer is configured to use DNS servers with the following IP addresses:
10.2.5.5
Verify that this computer is connected to the network, that these are the correct DNS server IP addresses, and that at least one of the DNS servers is running.
For more information on how to correct this problem, click Help.
Thanks again for your continued assisance
Mike
Similar Threads
-
By tobevers in forum Networking
Replies: 4
Last Post: June 2nd, 2004, 03:01 AM
-
By amp10000 in forum Windows NT/2000
Replies: 0
Last Post: April 13th, 2004, 11:10 AM
-
By ilovetheusers in forum Tech-To-Tech
Replies: 4
Last Post: May 6th, 2002, 06:15 PM
-
By deh1217 in forum Networking
Replies: 1
Last Post: November 1st, 2001, 03:37 PM
-
By Hell_Fire in forum Windows NT/2000
Replies: 0
Last Post: July 6th, 2001, 06:51 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Bookmarks