> Glad to hear you made significant progress.
>
> It should also work through your Linksys router but you may have to check
> options for allow ipsec pass through if available in it.
>
> I would check the VPN policy properties on the Sonicwall as by default
> they do not allow "netbios" which is needed for name resolution to work in
> your case and it may help to configure the remote computers to be a wins
> client of the server [if it indeed is server operating system] in it's
> tcp/ip properties/advanced/wins. Otherwise assuming the "server" has a
> static IP you could create an entry in the existing lmhosts file editing
> with notepad and saving with no extension name [in
> \windows\system32\drivers\etc] of the remote computer with a mapping for
> the server or just create a desktop shortcut to the share of the server
> using \\xxx.xxx.xxx.xxx\sharename so that it would make it easier for the
> end users to access it. If you edit the lmhosts file you could run the
> command nbtstat -R when done and then try to ping by the computer name and
> it should then resolve to the IP in the lmhosts file.
>
> Steve
>
> For example, the LMHOSTS file could contain the following information:
> 102.54.94.91 accounting #accounting server
> 102.54.94.94 payroll #payroll server
> 102.54.94.97 stockquote #PRE #stock quote server
> 102.54.94.102 printqueue #print server in Bldg 7In this example, the
> server named stockquote is preloaded into the name cache, because it is
> tagged with the #PRE keyword. The servers named accounting, payroll, and
> printqueue would be resolved only after the cache entries failed to match
> and after broadcast queries failed to locate them. After non-preloaded
> entries are resolved, their mappings are cached for a period of time for
> reuse.
>
>
>
> "JimA" <JimA[ at ]discussions.microsoft.com> wrote in message
> news:90E1A584-06D8-4A3C-9997-35F22906C3E9[ at ]microsoft.com...
>> At my remote site there were 2 pcs, 1 Xp pro and 1 W Media ctr. Because
>> of
>> the issues that I was having with the XP PC, I have it taken out of the
>> picture and also had removed a Linksys router that they were connected to
>> and
>> now they are connected directly to the TZ50 (was told it was a TZ150).
>>
>> I had the Global VPN Client (Sonicwall) software installed on the PC and
>> created a new connection using the LAN address of the TZ50. It asked for
>> a
>> U/P for the VPN which allowed it to connect.
>>
>> I then had the remote user go to Start\Run\ "\\xxx.xxx.xxx.xxx\sharename
>> and
>> received the U/P to the domain. The IP used was my local servers. The
>> Server
>> name wouldn't work.
>>
>> The user is now connected to the network share that resides on my server
>> so
>> it is now working fine.
>>
>> So all seems fine except that there is a name resolution issue. Any ideas
>> on
>> how to resolve that?
>>
>> Thanks for your help.
>> --
>> Jim A.
>>
>>
>> "Steven L Umbach" wrote:
>>
>>> You need to be able to ping the server with the share also as I am not
>>> sure
>>> what you mean by I "can ping the remote address" if that is the server
>>> or
>>> the public IP of the remote site.
>>>
>>> I have setup VPNs with Sonicwall where there are TZ170s at each site
>>> connecting the sites together with persistent VPN, where there is a
>>> TZ170 at
>>> a site and the remote user used the Global VPN client on his computer to
>>> connect to the TZ170, and also where the SSL 200 device is used as a web
>>> browser based VPN solution for remote users. Assuming you are not using
>>> SSL
>>> 200 type be sure to check the VPN policy so that any settings for "allow
>>> windows networking" or "netbios name resolution" are enabled.
>>>
>>> Another big problem are host/software firewalls. Even the Windows
>>> Firewall
>>> is usually configured for the local subnet which will block file and
>>> print
>>> sharing traffic from another subnet such as could be coming in via a
>>> point
>>> to point VPN connection from the remote site. Any Norton or Mcafee
>>> firewall
>>> enabled on a computer will usually do the same in trusting only the
>>> local
>>> subnet.
>>>
>>> Steve
>>>
>>>
>>> "JimA" <JimA[ at ]discussions.microsoft.com> wrote in message
>>> news:75DB3D73-1284-43DE-9BDF-50C3EAAF9000[ at ]microsoft.com...
>>> >I can ping the remote address from my FL site but am still waiting for
>>> >my
>>> > remote user to test pinging on the remote side. This is a Managed
>>> > Security
>>> > site (what a pain) that I have little control over and I will be
>>> > hopefully
>>> > receiving a copy of the Sonicwal policy to review.
>>> >
>>> > It just makes no sense with the VPN persistently up but nno share
>>> > access?
>>> >
>>> > Thanks, I wil repost when I have a solution.
>>> > --
>>> > Jim A.
>>> >
>>> >
>>> > "Rookie" wrote:
>>> >
>>> >> A persistent VPN would not need the user to logon but that is OK as
>>> >> once
>>> >> the
>>> >> user is logged onto the VPN he should then be able to access a share
>>> >> assuming everything is setup correctly.
>>> >>
>>> >> What I would do is to try and ping the computer with the share by IP
>>> >> and
>>> >> name to see what happens. You need to be able to ping before you can
>>> >> access
>>> >> a share. Run the command ipconfig on a computer to see it's IP
>>> >> address
>>> >> and
>>> >> you need to try and access the computer with the share by it's LAN
>>> >> IP. If
>>> >> you can ping by IP but not name then you have a name resolution
>>> >> problem
>>> >> but
>>> >> still should probably be able to access the share [maybe getting a
>>> >> credential prompt] by Start\run \\xxx.xxx.xxx.xxx\sharename where
>>> >> xxx.xxx.xxx.xxx is the LAN IP of the computer with the share. This
>>> >> all
>>> >> assumes that the Sonicwall device allows access to file shares on the
>>> >> network via proper configuration of the VPN policy in it and I
>>> >> believe
>>> >> the
>>> >> default built in VPN policy does though that policy may not allow
>>> >> "netbios"
>>> >> name resolution unless it is enabled in the properties of the VPN
>>> >> policy
>>> >> which could explain why access by computer name may not work.
>>> >>
>>> >> Steve
>>> >>
>>> >>
>>> >> "JimA" <JimA[ at ]discussions.microsoft.com> wrote in message
>>> >> news:CB1603D0-9E06-42B0-8269-7CDABDC0EF35[ at ]microsoft.com...
>>> >> > My VPN is set up with a persistent connection that the remote user
>>> >> > needs
>>> >> > to
>>> >> > logon to via the Sonicwall client software (I think). Here is what
>>> >> > I
>>> >> > have
>>> >> > tried:
>>> >> >
>>> >> > 1. Logon to the Sonicwall only, map the network drive: error
>>> >> > "network
>>> >> > path
>>> >> > not found"
>>> >> > 2. Logon to the VPN (in network connections) connection only (IP is
>>> >> > my
>>> >> > firewall outside IP). Start\run\server\sharename, receive "network
>>> >> > path
>>> >> > not
>>> >> > found"
>>> >> > 3. Logon to SonicWall first. Logon to VPN second (connected to my
>>> >> > Domain
>>> >> > sucessfully). Attempt to connect drive, receive "network path not
>>> >> > found"
>>> >> > 4. The computer account has been reset.
>>> >> > 5. it is XP pro, Sp2.
>>> >> > 6. I am able to logon locally without issue, only remote issues.
>>> >> >
>>> >> > Thanks for help.
>>> >> > --
>>> >> > Jim A.
>>> >> >
>>> >> >
>>> >> > "Steven L Umbach" wrote:
>>> >> >
>>> >> >> It depends what you mean by logging on and how the VPN is setup
>>> >> >> and in
>>> >> >> your
>>> >> >> case it sounds like you are using a persistent VPN connection or
>>> >> >> point
>>> >> >> to
>>> >> >> point tunnels and if that is true no special logon for the VPN
>>> >> >> connection
>>> >> >> itself is needed as the VPN is seamless. If you are going to logon
>>> >> >> via
>>> >> >> Remote Desktop then you will get logon box where you enter
>>> >> >> username
>>> >> >> and
>>> >> >> then
>>> >> >> password. If you are trying to access a file share over a VPN then
>>> >> >> you
>>> >> >> may
>>> >> >> connect without any credential prompt if you are logged on your
>>> >> >> client
>>> >> >> computer with a username/password that exists on the server.
>>> >> >> Otherwise
>>> >> >> you
>>> >> >> may get a credential prompt where you could enter username and
>>> >> >> password.
>>> >> >> Usually the username can simply be a user name but sometimes you
>>> >> >> may
>>> >> >> find
>>> >> >> you need to enter the domain name also as in domainname/username
>>> >> >> or
>>> >> >> computername/username as the case may be if simply entering the
>>> >> >> username
>>> >> >> does not work and you are sure that the name/password are correct.
>>> >> >> For
>>> >> >> a
>>> >> >> share you can also try mapping a drive from file explorer on your
>>> >> >> client
>>> >> >> computer under tools/map network drive. The link below may help
>>> >> >> and
>>> >> >> try
>>> >> >> using the IP of the destination computer if the name does not
>>> >> >> work.
>>> >> >>
>>> >> >> Steve
>>> >> >>
>>> >> >>
http://support.microsoft.com/kb/308582>>> >> >>
>>> >> >>
>>> >> >> "JimA" <JimA[ at ]discussions.microsoft.com> wrote in message
>>> >> >> news:C4A2024B-98B1-4CCB-BF02-570FE51492A3[ at ]microsoft.com...
>>> >> >> > Thanks Steve for answering my questions, but what is the format
>>> >> >> > to
>>> >> >> > use
>>> >> >> > when
>>> >> >> > when logging on via the VPN?
>>> >> >> >
>>> >> >> > Is it \\servername\domainname/username?
>>> >> >> >
>>> >> >> > and does it prompt for a password? or where should that go?
>>> >> >> >
>>> >> >> > Thanks.
>>> >> >> > --
>>> >> >> > Jim A.
>>> >> >> >
>>> >> >> >
>>> >> >> > "Steven L Umbach" wrote:
>>> >> >> >
>>> >> >> >> If you are using VPN endpoint devices then you do not need to
>>> >> >> >> configure
>>> >> >> >> RRAS
>>> >> >> >> for any VPN settings. RDP over VPN is pretty secure as RDP
>>> >> >> >> traffic
>>> >> >> >> by
>>> >> >> >> default is also encrypted BUT make sure that accounts that can
>>> >> >> >> have
>>> >> >> >> RDP
>>> >> >> >> access are using strong passwords and change them periodically
>>> >> >> >> and
>>> >> >> >> check
>>> >> >> >> the
>>> >> >> >> security logs to see who is accessing via RDP and when. NOT
>>> >> >> >> \\server\username but \\servername\share can give you access to
>>> >> >> >> file
>>> >> >> >> shares
>>> >> >> >> that are available and to users that have proper permissions to
>>> >> >> >> the
>>> >> >> >> share
>>> >> >> >> and you may need to try \\xxx.xxx.xxx.xxx\share in case name
>>> >> >> >> resolution
>>> >> >> >> is
>>> >> >> >> not working properly over the VPN where xxx.xxx.xxx.xxx is the
>>> >> >> >> IP
>>> >> >> >> of
>>> >> >> >> the
>>> >> >> >> computer with the share. In some cases you may need to specify
>>> >> >> >> domain/user
>>> >> >> >> to logon if username alone does not work for logon user name.
>>> >> >> >> No
>>> >> >> >> special
>>> >> >> >> services should need to be enabled. Also keep in mind that only
>>> >> >> >> users
>>> >> >> >> in
>>> >> >> >> the
>>> >> >> >> Remote Desktop users group or those that have the user right
>>> >> >> >> to
>>> >> >> >> allow
>>> >> >> >> logon
>>> >> >> >> through terminal services will be able to RDP into a computer
>>> >> >> >> and
>>> >> >> >> by
>>> >> >> >> default
>>> >> >> >> administrators can do such.
>>> >> >> >>
>>> >> >> >> Steve
>>> >> >> >>
>>> >> >> >>
>>> >> >> >> "JimA" <JimA[ at ]discussions.microsoft.com> wrote in message
>>> >> >> >> news:1925C121-2310-49A1-9769-FDB660850CBD[ at ]microsoft.com...
>>> >> >> >> >I have 1 main site with a Windows 2003 server and a remote
>>> >> >> >> >site
>>> >> >> >> >with
>>> >> >> >> >2
>>> >> >> >> >PCs.
>>> >> >> >> > They both have router/firewalls and a configured VPN that is
>>> >> >> >> > working.
>>> >> >> >> > The
>>> >> >> >> > VPN
>>> >> >> >> > client software is installed and working. I was advised to
>>> >> >> >> > use
>>> >> >> >> > RDP
>>> >> >> >> > to
>>> >> >> >> > connect
>>> >> >> >> > to my main server.
>>> >> >> >> >
>>> >> >> >> > My Questions:
>>> >> >> >> >
>>> >> >> >> > 1. Since I am using VPN hardware devices does RRAS come into
>>> >> >> >> > play
>>> >> >> >> > at
>>> >> >> >> > all?
>>> >> >> >> > 2. Are there better methods for logging in to the main server
>>> >> >> >> > then
>>> >> >> >> > RDP?
>>> >> >> >> > 3. Can I \\server\username to log on?
>>> >> >> >> > 4. Any special servces need to be enabled
>>> >> >> >> >
>>> >> >> >> > Thanks
>>> >> >> >> > --
>>> >> >> >> > Jim A.
>>> >> >> >>
>>> >> >> >>
>>> >> >> >>
>>> >> >>
>>> >> >>
>>> >> >>
>>> >>
>>> >>
>>> >>
>>>
>>>
>>>
>
>