I have a 3640 router with an incoming T1. One ethernet port is going into a 1548 Micro switch. A 3005 is also plugged into the switch and the outside interface has a public IP address that is reachable by Cisco 3.0 client software running Windows 2000 Pro. Users can open up network neighborhood and see all the computers on the network but cannot browse individual computers(not accessable meassage), can't get e-mail and can't log onto our Terminal server(cannot locate server message) even though on the 3005 the Wins server and the 2nd ISP's DNS information is specified AND I have placed an LMHOST file on the client with the PDC, WINS server and the Terminal servers IP addresses. Our LAN is using an ISP's DNS info but the VPN is coming in over a different ISP connection and I have the second ISPs DNS info in the 3005 as is the WINS server. The domain is an NT 4 domain with 2000 clients. Any help in getting to browse the network comepletly is appreciated.
Is the ISP hosting all of your internal DNS entries for your network? Also, is the client setup with a DNS Suffix Search Order that includes your DNS domain? Finally, are the 2000 clients configured to logon to the network or are they relying on the "Connect As..." capability of Windows 2000 to access resources?
The ISP is hosting our DNS. We are only runnig WINS for internal name resolution. Remember the network's DNS is from a different ISP than the one the VPN conneection is coming in on. We have 2 ISP's. Would hosting our own DNS help? If so, should it be from the DNS that is on the VPN's ISP. If this is the case we would have to eliminate the other ISP that our internal network uses and we are trying to avoid that. The clients do not have a DNS Suffix Search Order set. TAC said that was not neccesary since we are running WINS only. Wrong? Finally, the clients are configured to logon to the network but can do so without being connected to the network using netlogon service. I have even tried start before logon option but with no success.
pls check if u have enable netbios over tcp/ip in the network properties of client and make sure if u can open the pc by only using the ip not by doubleclicking in the network neighbourhood if this is the case u need to put the dns server on both inside and outside pcs install win2k dynamic dns .
i had a simmilar issue
Thnaks for your reply. We are still an NT4 domain so I don't think I can do w2k dynamic DNS. Should I put the DNS info on the PDC from the ISP that the VPN connection is using? I have a different ISP's DNS on our PDC right now. The clients have enable netbios over tcp/ip
ok. first try to see if u can access pc forget abt dns and wins
if u can see inside the server or pcs
let me know
if it ask for password or let u in
I tried several computers on the network using the \\pcname and \\pcname\sharename. I always got "The network path was not found" message. The tunnel creates fine and I am doing the start before login option. I don't know what else to try. Help!! I can ping all the machines internally over the tunnel but my response time is pretty slow. 80ms for users coming in over a DSL connection and 200+ms for dial ups. Any thoughts?
Mercy Me!! If I put \\ipaddress the shares are there and from that point I can just double click a share and it comes up. Any thoughts on how I can get the name resolution to see the entire network right off the bat? Thanks for all your help thus far!!
Let me amend the statement above. After further testing I have found that while I can access w2k machines by putting in \\ipaddress I cannot access my NT 4.0 machines the same way. I get "path not found". My resolution issues would be centered around the fact that my PDC, BDC and WINS server boxes are all NT 4.0 machines and since the client can't reach NT.4 machines I get no resolution at the log in level. Any thoughts on how to get the client software to see NT.40 machines?
now u have a typical name resolution problem
u need to tell me what wins, dns servers in yr network and what is the client server configurations on their tcp ip tabs
what is the ip ranges what are the vpn clients ip ,everything...my email firstname.lastname@example.org
What type of addressing are you using from the 3005? If you are using DHCP, then you will want to specify the WINS servers and Default domain on the 3005 (from Configuration/User Management/Groups/ (select group) /Modify Group/General tab and IPSec tab. If you are not using DHCP, then you will need to hard code the WINS and domain name in the client's TCP/IP configuration settings (for LAN or dial-up adapter as appropriate). Alternatively, you may be able to put a local LMHOSTS/HOSTS file on each client if you don't have many systems to manage.
Posted by NetPilot
Thanks for your reply. I am using DHCP on the 3005. The WINS server is specified in the Configuration/User Management/Groups/ (select group) /Modify Group/General tab but I don't see a place to specify that under the IPSec tab. I have also placed an LMHOST file on my test client with no success. I think the problem is that I can reach w2k machies but not NT machines. If I got start, run \\ipaddress for a w2k machines I can pull it's shares and from then on double click it's shares and access data. I can't do that on an NT machine and since my PDC, BDC and WINS servers are all NT I am not able to get name resoultion. I can't ping by name either but working with TAC I have been able to now ping the NT machines by ip address. I think somehow the client is not using the info provided by the 3005(PDC, WINS etc) even though it pulling the information as evidenced by an ipconfig/all ran before and after my connection. Does anyone know of an bugs about the 3.x client software not commincating with NT machines when the client is w2k pro?