Topic: VPN and resolving hostnames/browsing lan....

[PsyDuck]

Hi!

I have some problems when I connect to my SME6 from the outside using VPN. The connection itself works like a charm and I have no trouble accessing the network behind the SME using IP-adresses.

The 2 issues I have are the following:

1) The domain doesn't seem to be set on the VPNclient, resulting in that when I try to lookup a host using only the hostname it can't be found.
If I add the domainname in the 'network settings' of the VPNclient it works just fine, but this should be set by the VPN server....how?

2) When I connect using VPN I would like all adresses belonging to that domain to be using internal adresses....eg. mail.mydomain.com should return the local address 192.168.0.1 when connected with VPN and the public adress when not....is there a way to make this work?

Regards
Jonas

[Appesteijn]

Hi Jonas,

you could have a look at the contrib made by Knuddi:
http://forums.contribs.org/index.php?topic=24864.0

Read the thread and follow his how-to and you have a working VPN. With OpenVPN you can easily 'push' settings from the server to the client (e.g. Domainname/server)

[PsyDuck]

Since all clients are running M$ and some of them will be unwilling to use other software I would prefer to use the PPTP VPN server.

Are there anyone out there who can confirm that their setup is working like one expects?
Anyone that can connect with the builtin VPN client in XP/2000 and are able to browse the remote LAN (behind SME) without having to enter IP-addresses?

[smeghead]

.. point the wins server setting on your w/s NIC config to the IP of the remote server and then it will pass the name requests onto the server for resolution.

HTH

[Appesteijn]

OpenVPN also has a windows client.

[PsyDuck]

So there's no one that has got this working without using OpenVPN?

[duncan]

Smeghead answered your question.

You need to set a wins server in your vpn connector. Manually add it under Networking-TCP/IP-Advanced.

[Damian]

Hi Jonas,

I can verify that XP clients can use PPTP VPN into a standard SME 6 server and browse the LAN. We run SME in server-only mode and forward GRE and ports 1723 & 500 to it.

For ours to work we made the following mods:

SME:
Enable WINS and make it the domain master.

XP Client:
Manually enter the internal IP adrress of the SME box as the WINS server.
Check that "negotiate multilink for single link connections" is checked in order to beat the MTU size mismatch which causes packet loss.

If you're browsing XP shares over the VPN you might want to ensure the client node type is "hybrid" in ipconfig /all for those sharing PCs.

Damian

[ryan]

I have about 12 clients using MS pptp to SME 6.01-01.  All can ping any host by just the hostname on the work LAN.  

You can use SME as the WINS server in if SME is your dhcp server for your work LAN.  In my case, I use 2003 server for DHCP.  I have to manually configure my VPN clients to use my 2 AD DNS servers in the pptp connection, and set the domain prefix.  I do not use WINS.  Other than having to statically set the DNS server addresses and domain prefix, it works great.  

If the 'use remote gateway' is checked in pptp client properties, my pptp clients can ping ANY host in any of 5 sites using just the host/computer name through the pptp connection.  

ryan