Sign in with
Sign up | Sign in
Your question

VPN and Windows Networking

Last response: in Networking
Share
October 29, 2008 4:36:21 PM

Hello Everyone,

New to the forums and already looking for some assistance.

My company is looking to have some individuals working from home, but have access to shared folders on our internal server. We have purchased a SonicWall TZ 180 Wireless with their Global VPN client software. My issue is that I am not seeing the shared data by going through My Network Places on the client PCs. I can use Remote Desktop Connection to log into the server and work with data on the server, but that is not helping me with sharing data.

Any insights or questions I should be asking SonicWall Tech Support, that will help me find where my bottleneck is?

Thanks,
Kevin Corliss

More about : vpn windows networking

November 3, 2008 5:42:38 AM

From what I read for Sonicwall's Global VPN client, it is an IPSec client as such it should carry all network traffic including MS Net Neighborhood traffic.

Here is most likely problem:

1) Roadwarrior connects to TZ 180 via VPN using GVC

2) IPSec terminates at TZ 180. TZ 180 will then forward unencrypted traffic to the internal LAN, to the Server specifically

3) The server receives the MS Net Neighborhood traffic and responds it.
Problem: it is most likely that your roadwarrior has an IP different from internal LAN IP. So when the server responds, it doesn't know where to send. So it send to the default gateway configured for your internal LAN the server belongs to. If that default gateway is TZ 180, everything should work and you will not be asking this. If that default gateway is not TZ 180, it will either be dropped or misrouted (and dropped eventually) unless that default gateway also knows (has static route to) about TZ 180.

Fix #1: In latter case, the fix will be that you can create static route in your server via 'route' command (for Windows too).

Fix #2: (alternate to #1) You can also fix at TZ 180. TZ 180 can (has DHCP over IPSec functionality?) give out the same internal addresses to roadwarriors; just make sure they don't overlap with internal scheme (i.e for internal 192.168.3.2-192.168.3.150, for roadwarriors 192.168.3.151-192.168.3.200)

Other note: your VPN connection is working fine based on the fact that you can Remote Desktop into the server via VPN.
November 3, 2008 5:47:38 AM

For Fix #1, static route command will be something like:
route ADD 10.10.10.0 MASK 255.255.255.0 <TZ 180 IP> METRIC 1

10.10.10.0 is the addressing scheme of roadwarrior nodes. Make sure it survives the reboot of the server.
!