# VPN: Can ping machine but can't browse shared folders



## nogoodatcoding (May 20, 2008)

Hi,

I'm trying to setup a VPN connection between two Windows XP Pro machines over the internet and it's almost working except for browsing shared folders. I've got two laptops and my friend can ping both of them once the VPN is connected. I can ping my friends machine also. By modifying the LMHOSTS file used by the VPN client connection, the client is able to ping by name. I can also VNC and Remote Desktop to the VPN client machine and that machine can VNC and Remote Desktop to all my machines, using the local IPs that the VPN connection is using. But when we try to do Run > \\192.168.1.x or \\machine-name, we get error dialogs and can't browse the machines which should be on the LAN.

I'd like to point out right at the beginning that this isn't about trying to access shares using the machine name, even with the IP addresses, I'm just not able to access the shares.

Here are the details -
We've both got Zone Alarm firewall running and the Windows firewall is disabled. I've got a DSL connection and my friend's got an internet connection via LAN, behind some sort of NAT (Sify Broadband if that helps). All machines on the network are only running Win XP and there is no domain controller/ WINS/ DNS server. On both sides, we've got simple file sharing enabled.

He's got an internal IP of 10.30.186.96 on his network and my home LAN has addresses in the series 192.168.1.x with my server getting the IP 192.168.1.11. On VPN connection, my server gets assigned an IP of 192.168.1.20/255.255.255.255 and the client gets 192.168.1.21/255.255.255.255.

I've forwarded port 1723 to my server (192.168.1.11) on my DSL router.

- I've setup my machine to be the server, I created a new connection to accept incoming VPN connections.
- For the TCP/IP properties for this connection,
- I've checked the 'Allow callers to access my local area network' option.
- I've specified the TCP/IP addresses to be assigned from 192.168.1.20 to 192.168.1.21
- All the items that the connection uses - TCP/IP, QoS Packet Scheduler, File and Printer Sharing for Microsoft Networks, Client for Microsoft Networks are checked.
- I've added expert rules to my instance of Zone Alarm to allow
- Any communication from addresses in the range of 192.168.1.1 to 192.168.1.255 over any protocol to any destination
- Opened TCP port 1723 for any source to any destination
- Opened GRE port 47 for any source to any destination
- I've also added the entire subnet of 192.168.1.0/255.255.255.255 to the trusted zone.
- My workgroup is 'WORKGROUP'

- On the client, we created a new connection to dial into a VPN and gave it the proper external IP address that my router gets assigned.
- All the items that the connection uses - TCP/IP, QoS Packet Scheduler, File and Printer Sharing for Microsoft Networks, Client for Microsoft Networks are checked.
- The TCP/IP properties are set to obtain an IP and DNS servers automatically
- It is also set to 'Use default gateway on remote network' in the Advanced Settings
- I've selected 'Disable NetBIOS over TCP/IP
- Enable LMSHOSTS lookup is checked and we imported a file with entries for my machines
- In Zone Alarm on the client we added expert rules to allow
- TCP port 1723 from any source to any destination
- We've added the entire 192.168.1.0/255.255.255.255 subnet into the trusted zone
- We changed this machine's workgroup from 'MSHOME' to 'WORKGROUP' to match mine.

The results for ipconfig /all for the server:

Windows IP Configuration

Host Name . . . . . . . . . . . . : vpn-server

Primary Dns Suffix . . . . . . . : 
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes

Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : 
Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-00-00-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.11
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 208.67.222.222
208.67.220.220

Ethernet adapter Wireless Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Intel(R) PRO/Wireless 2200BG Network Connection
Physical Address. . . . . . . . . : 00-00-00-00-00-00

PPP adapter RAS Server (Dial In) Interface:
Connection-specific DNS Suffix . : 
Description . . . . . . . . . . . : Internal RAS Server interface for dial in clients
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.20
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 



The results for ipconfig /all for the client:


Windows IP Configuration

Host Name . . . . . . . . . . . . : vpn-client
Primary Dns Suffix . . . . . . . : 
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Sify Broadband:

Connection-specific DNS Suffix . : 
Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-00-00-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.30.186.96
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.30.186.1
DNS Servers . . . . . . . . . . . : 202.144.115.4
202.144.10.50

PPP adapter VPN Connection:

Connection-specific DNS Suffix . : 
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.21
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 192.168.1.21
DNS Servers . . . . . . . . . . . : 208.67.222.222
208.67.220.220
NetBIOS over Tcpip. . . . . . . . : Disabled

Error messages seen when trying to Run > \\ip-address or trying out net view ip-address on the command prompt:
VPN Client 
-\\192.168.1.20 The network path was not found

Oddly enough, when we try to open \\192.168.1.21 which is the client's IP address on the VPN, on the client machine, the first time we get an error - '\\192.168.1.21 is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. The network path was not found.' but it opens up on the second attempt.

- net view 192.168.1.20
System error 53 has occurred.

The network path was not found.



VPN Server
- \\192.168.1.21 The specified network name was not found.

- net view 192.168.1.21
System error 64 has occurred.

The specified network name is no longer available.

I've been searching for a few days now and I've come across some useful information but nothing that specifically addresses this problem. So could someone help me out with this or point me towards information that might help? How do I get access to shared folders and machines on this network?

Thanks


----------



## Deversetty (Apr 30, 2008)

make sure the services computer Browser,Netlogon,Workstation and windows firewall are started and running in Automatic mode.

Try once with windows firewall stopped and once with started.........


Thanks,
Madhu.


----------



## nogoodatcoding (May 20, 2008)

Madhu, thanks for the suggestions.

I've been using Zone Alarm firewall and have turned off the Windows firewall. All the other services were running ( except for NetLogon which I'm not able to start. I guess because there is no domain and no domain controller ).

I did try with the Windows Firewall service started and stopped. No difference.

I'm still not able to browse the network or machines.


----------



## Deversetty (Apr 30, 2008)

Try This.......

This is generally cause by an incorrect or missing DNS or WINS IP address in your TCP/IP configuration.

Make sure these IP addresses are correct:

01. Right-click My Network Places and press Properties.

02. Right click the appropriate connection and press Properties.

03. Select Internet Protocol (TCP/IP) and press Properties.

04. Press Advanced.

05. On the DNS tab, press ADD and type the IP address of a DNS server and press ADD.

06. Repeat step 05 for each DNS server on the network. When finished, use the arrow buttons to arrange the list in the preferred order.

07. On the WINS tab, press press ADD and type the IP address of a WINS server and press ADD.

08. Repeat step 07 for each WINS server on the network. When finished, use the arrow buttons to arrange the list in the preferred order.

09. Press OK until all dialog boxes are closed.


----------



## nogoodatcoding (May 20, 2008)

Thanks for the suggestions but they don't apply to me. As I'd mentioned in my first post, there is no domain controller or DNS/ WINS server.

This is my home network with 2 Win XP machines. One of them is my VPN server. On the other side there is a Win XP laptop which connects as the client onto my home network.

Anything else I can try?


----------

