I have a small VPN set up to allow me to access my home network remotely.
The host runs Windows 2000. It has two nics, one connected to a cable modem
(named WAN) and one connected to my LAN (named LAN). The LAN uses private
IPs in the range 192.168.0.x. Internet connection sharing is enabled on the
WAN adapter. It receives an IP from my provider. TCP/IP properties on the
Incoming Connections "adapter" are set thus:
(check) Allow callers to access my network
Specify TCP/IP address: 192.168.0.101-110
(I am aware that only one VPN connection is allowed)
(nocheck) Allow calling computer to specify it's own address
I can successfully connect to the host over the VPN and I can access it's
resources, but the host computer name does not show up in the client's
network computer browser. I must manaually map a drive by using the host's
I am also unable to access any other computers on my LAN. I thought that
routes between WAN and LAN would be set up automatically during the
"Registering your computer on the network" phase, but aparently that's not
so. I suppose I could connect to all the other resources on the network with
the VPN host and share them from there in order to access them from the VPN
client, but that seems really clunky.
I've tried this with Windows 2000 and Windows XP clients with "Use default
gateway on remote host" unchecked.
The following is a copy of the server and client config info and routing
tables from a console while I am connected to the VPN. Where appropriate
actual numbers have been replaced with x1, x2, etc. to indicate matching
Would some kind soul cast an eye over this information and please let me
know if there is something obviously wrong, or what permenant routes I would
have to set up to tie the two networks together. Also, if anyone is willing,
I wouldn't mind a short explaination of reading the routing tables. I've
been through MSs documentation and have come away without learning much.
Otherwise I wouldn't be asking
I don't understand where 4.158.x4.x5 came from so I xed it. Is this the
exterior IP of the tunnel?
I understand that this whole mess can be cured by adding a router in front
of the VPN host and getting rid of one of the nics, but this isn't an option
right now. And besides, I should be able to figure it out. Unfortunately I'm
not well enough versed in reading these tables to do so.
Thank you all for your patience. Any reply is appreciated.
More about :small vpn question win 2000 lan access
> You cannot enable NetBIOS with the MS PPTP VPN on Win2K.
Hi bob - I've been playing with it, and I see you're correct.
> But if you look at the same thing in the VPN
> adapter you will see that it is missing.
Well, on the Networking tab I installed NetBEUI and enabled it,
however the client says that it couldn't negotiate a protocol so
NetBEUI isn't used. There may be some crucial technical point I'm
missing here, but as far as I can see from the dox NetBEUI is NetBIOS
with a different name. I was able to see my entire LAN with this setup
(in the clien's network browser), but I still can't access computers
other than the VPN host. It boils down to the same thing: I still
can't access my LAN.
I suppose this basically means that I should look to L2TP instead of
PPTP for a tunnel, but I'm not sure I want to open that can of worms.
It's not a critical problem as I can come up with a work around
without using static IPs, but it just bugs me.
I'm certainly not going to "upgrade" to XP anytime soon, and as all
this is just hanging out there in the breeze I always intended to get
a router/firewall anyway but that won't happen for a couple of weeks
Thank you ppointer for your suggestion, and thank you Bob for your
explanation. I'm going back to shields up and make sure I got
everything buttoned up properly again.
On 16 Apr 2004 11:05:22 -0700, email@example.com (Shawn Fessenden)
>I can successfully connect to the host over the VPN and I can access it's
>resources, but the host computer name does not show up in the client's
>network computer browser. I must manaually map a drive by using the host's
That's because MS crippled Win2K. If you look at the TCP/IP Advanced
Properties for your LAM you will see that NetBIOS is available, hence
you have name resolution. But if you look at the same thing in the VPN
adapter you will see that it is missing. XP has it, so the idea was to
force you to upgrade. Screw MS - use startic IPs for the VPN Client
and map with raw IPs.
>I am also unable to access any other computers on my LAN.
Another cripple. You can access machines on the VPN Server LAN but not
the other way.
Enough said. MS deliberately crippled NetBIOS in the PPTP VPN. If it
were an oversight it could have been easily corrected with a Service
Pack. But that is not how MS does business.
The defenders of this outrageous predatory practice tell you that if
you don't like it, buy a Mac. That's the same as telling you that if
you don't like the fact that the old Pinto automobile had a strong
propensity to blow up when rear-ended, buy a Chevy.
On 16 Apr 2004 17:34:05 -0700, firstname.lastname@example.org (Shawn Fessenden)
>Well, on the Networking tab I installed NetBEUI and enabled it,
Get rid of it. Use TCP/IP. You may think it is the same as NetBIOS,
but it isn't.
You are probably the only person left in the Windows world who has
implemented that dinosaur. Believe me when I advise you to get rid of
it. I can't see you setting up a VPN with it hanging around your neck.