[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Map drives from location A to location B over VPN
If the VPN is already in place and operating then the only problem is NT configuration and not a firewalling issue ** Note - Firewallers - this goes off-topic towards NT setup ! ** Check :- 1. The Firewall rules bases - does the VPN allow all traffic through ? - if not then you need to allow NBT between them - add icmp temporarily to help in diagnosis if it's not active now. 2. Ping hosts on network A from network B by IP address - ensure you get a reply 3. Ping hosts on network B from network A by IP address - ensure you get a reply If the above tests fail, check your encryption domain settings and fix this before continuing. At this point the network is intact and the VPN is operating OK, so forget about the firewall. It's time to prod another system a little ** going off-topic here ... if you're not interested ** ** now is a good time to hit <del> ** All you need to do then is a bit of NT config - I expect that you don't have WINS configured and all machines are broadcasting for each other, These broadcasts are probably dropped by the firewall. 0. Ensure you have adequate backups of servers you will be altering. 1. Install WINS on one NT server at site A and one at site B, re-service pack as required 2. Ensure that all clients can register themselves with their local WINS server - probably by making an update to your DHCP scopes at site A and B. Add .. A WINS/NBNS server that points to the local server at each sites Ensure a NETBIOS node type of 0x8 (Hybrid mode) If memory serves these are 0x44 and 0x48 subtypes ? 3. Either reboot each DHCP'ed workstation to force a re-registration of the above changes or if you use static addresses, add the WINS address in the IP setup, close the screen ignoring the reboot warning, then drop to the command line and type nbtstat -RR This releases and re-registers the NETBIOS names which will add them to WINS 3. Set the two WINS servers to replicate to each other then force a replication. At this time you should see machines on site A in the database at B and vice-versa. 4. Map Drives from the command line using the command line net use h: \\remoteserver\share You may also need to force a username since the remote machines aren't in the same security zone, eg net use h: \\remoteserver\share /user:machinename\username * Then type a valid password for the machine 5. You now need to wait for the browser service to catch on to whats happening so take a coffee break (alternately lunch and a few beers are an acceptable alternative). This may take up to 45 mins to "find" all machines. 6. Open Network neighborhood - both domain A and workgroup B should be present, you can now map network drives as normal. To make things nice and easy you could even consider moving the workgroup at B to a domain and setting up a trust - depends on your specific need but it would make management a lot easier HTH - and good luck Regards Tim -----Original Message----- From: Erik Skoog [mailto:[email protected]] Sent: 30 January 2001 20:57 To: FW1 mailinglist Subject: [FW1] Map drives from location A to location B over VPN Good afternoon, I was wondering if anyone had any experience with the following dilemma. I have been charged with getting the following scenario: We have an NT domain in location A and an NT workgroup in location B. Both location A and B are NATed and encryption is set up at both ends with a VPN currently up and running. We wish to be able to "map" drives from location A to location B over the VPN. Anyone have any luck with this outside of SecureRemote. Erik Skoog ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ************************************************************************ The information in this email is confidential and is intended solely for the addressee(s). Access to this email by anyone else is unauthorised. If you are not an intended recipient, you must not read, use or disseminate the information contained in the email. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of The Capital Markets Company. http://www.capco.com *********************************************************************** ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|