No access to WAN network shares over VPN

Discussion in 'Windows Vista Networking' started by Robert Fischer, Jan 1, 2007.

  1. Dear experts


    I have a problem accessing any network shares from "outside the LAN" "Windos
    Server 2003"-systems with a "Windows Vista"-system:

    Detailed description:
    I have a LAN behind a ADSL-Router and in this LAN there are
    Vista-Vista-WS1: A Windows Vista Business Edition x64 (English)(current
    patch level)
    Vista-WS2: A Windows Vista Business Edition x86 (German)(current
    patch level)
    Vista-WS3: A Windows Vista Business Edition x86 (English)(current
    patch level) in a Virtual Machine
    XP-WS: A Windows XP Professional Edition x86
    (English)(current patch level)
    Srv-LAN: A Windows Server 2003 R2 x86 (English)(current patch
    level) in a Virtual Machine
    The Windows Server is configured as domain
    controller, VPN-Server, DNS-Server, File-Server

    I have a workplace environment in another site which can be accessed over
    VPN:
    DC-WAN: A Windows Server 2003 R2 x86 (English)(current patch
    level) as Domain Controller
    Exchange-WAN: A Windows Server 2003 R2 x86 (English)(current patch level) as
    Exchange Server
    FS-WAN: A Windows Server 2003 R2 x86 (English)(current patch
    level) as File Server
    VPN-WAN: A Windows Server 2003 R2 x86 (English)(current patch
    level) as VPN-Server
    Web-WAN: A Windows Server 2003 R2 x86 (English)(current patch
    level) as Web-Server

    Vista-WS1, Vista-WS2, Vista-WS3, XP-WS can successfully connect over VPN
    with Srv-LAN and can successfully map any share from Srv-LAN
    Vista-WS1, Vista-WS2, Vista-WS3, XP-WS can successfully connect over VPN
    with VPN-WAN
    Vista-WS1, Vista-WS2, Vista-WS3, XP-WS can successfully connect with the
    Exchange Server Exchange-WAN
    Vista-WS1, Vista-WS2, Vista-WS3, XP-WS can successfully connect with the Web
    Server Web-WAN
    Vista-WS1, Vista-WS2, Vista-WS3 always fail to map any share from FS-WAN
    XP-WS can successfully map any share from FS-WAN


    Error messages:
    c:\> net use x: \\<fqdn>\share
    "System error 1214 has occured. The format of the specified network name is
    invalid."
    c:\> net use x: \\<NetBIOS-Name>\share
    "System error 53 has occured. The network path was not found."
    c:\> net use x: \\<IP-address>\share
    "System error 53 has occured. The network path was not found."


    Any ideas?
    Thanks for your support in advance!

    Dear regards and a happy new year... :)




    Robert Fischer
     
    Robert Fischer, Jan 1, 2007
    #1
    1. Advertisements

  2. Dear experts


    I have a problem accessing any network shares from "outside the LAN" "Windos Server 2003"-systems with a "Windows Vista"-system:

    Detailed description:
    I have a LAN behind a ADSL-Router and in this LAN there are
    Vista-Vista-WS1: A Windows Vista Business Edition x64 (English)(current patch level)
    Vista-WS2: A Windows Vista Business Edition x86 (German)(current patch level)
    Vista-WS3: A Windows Vista Business Edition x86 (English)(current patch level) in a Virtual Machine
    XP-WS: A Windows XP Professional Edition x86 (English)(current patch level)
    Srv-LAN: A Windows Server 2003 R2 x86 (English)(current patch level) in a Virtual Machine
    The Windows Server is configured as domain controller, VPN-Server, DNS-Server, File-Server

    I have a workplace environment in another site which can be accessed over VPN:
    DC-WAN: A Windows Server 2003 R2 x86 (English)(current patch level) as Domain Controller
    Exchange-WAN: A Windows Server 2003 R2 x86 (English)(current patch level) as Exchange Server
    FS-WAN: A Windows Server 2003 R2 x86 (English)(current patch level) as File Server
    VPN-WAN: A Windows Server 2003 R2 x86 (English)(current patch level) as VPN-Server
    Web-WAN: A Windows Server 2003 R2 x86 (English)(current patch level) as Web-Server

    Vista-WS1, Vista-WS2, Vista-WS3, XP-WS can successfully connect over VPN with Srv-LAN and can successfully map any share from Srv-LAN
    Vista-WS1, Vista-WS2, Vista-WS3, XP-WS can successfully connect over VPN with VPN-WAN
    Vista-WS1, Vista-WS2, Vista-WS3, XP-WS can successfully connect with the Exchange Server Exchange-WAN
    Vista-WS1, Vista-WS2, Vista-WS3, XP-WS can successfully connect with the Web Server Web-WAN
    Vista-WS1, Vista-WS2, Vista-WS3 always fail to map any share from FS-WAN
    XP-WS can successfully map any share from FS-WAN


    Error messages:
    c:\> net use x: \\<fqdn>\share
    "System error 1214 has occured. The format of the specified network name is invalid."
    c:\> net use x: \\<NetBIOS-Name>\share
    "System error 53 has occured. The network path was not found."
    c:\> net use x: \\<IP-address>\share
    "System error 53 has occured. The network path was not found."


    Any ideas?
    Thanks for your support in advance!

    Dear regards and a happy new year... :)




    Robert Fischer
     
    Robert Fischer, Jan 1, 2007
    #2
    1. Advertisements

  3. Hello Admins

    Windows Vista requires an open port 139 and NetBIOS enabled on the server to map a server share through a VPN connection - very poor for security!!!
    But Microsoft is goin´ to fix that problem, they confirmed!
    Best regards

    Robert
     
    Robert Fischer, Jan 14, 2007
    #3
  4. Robert Fischer

    Thomas H. Guest

    if they'd only hurry up a bit - not being able to use shares over vpn no
    matter what begins to really hurt. :(

    - thomas
     
    Thomas H., Feb 14, 2007
    #4
  5. Robert Fischer

    fred Guest

    May have a solution for this..

    I logged it with our MS TSC, and he came up with this new kb article:
    http://support.microsoft.com/?id=929853

    I found I had to disable IPv6 for the vpn, add the destinations dns suffix
    as detailed in the kb article to the dns advanced tab of the vpn connection.

    Then I could map a drive to \\machine.doman.local\c$ (for example). It only
    seems to work using the FQDN. I have only tried this on a VPN back to the
    office (a domain my pc is a member of).



    Good luck!
     
    fred, Feb 21, 2007
    #5
  6. Robert Fischer

    Thomas H. Guest

    thanks for the link.

    unfortunately, this doesn't seem to work when the local computer isn't
    in the same domain, despite what the KB article says.

    in our company, the vpn is set up to use a nonroutable ip space, namely
    10.1.1.x. all the servers have assigned two or more ip adresses, where
    one of them is public routable, and one of them is from the internal
    adress space. the FQDN of the servers point to the public routable ips
    instead of the private adress space. this is probably why the KB
    solution doesn't work.

    if MS only would post some fix to have vpn/ip routing behave the same as
    in xp/w2k3...

    - thomas
     
    Thomas H., Feb 21, 2007
    #6
  7. Robert Fischer

    fred Guest

    Sorry to hear it didn't work for you. I have found the fix to work when
    connecting to alternate domains as well as my own though.

    I know what you mean about the changes from XP - I have been trying to get
    to the bottom of this for months! That's progress....
     
    fred, Feb 21, 2007
    #7
  8. There is a new hotfix KB933468 which should resolve this issue. I just
    installed the hotfix and NetBIOS over TCP/IP is no longer required when
    connecting to a network share through a VPN connection.

    -Timo
     
    Timo Hänninen, Mar 21, 2007
    #8
  9. Folks,
    Windows Vista has a bug wherein it is not possible to access shares on a
    machine from a Vista machine if NetBT is disabled on the Vista box or port
    139 is blocked. The issue is fixed in SP1 Beta. The fix is also available
    from Microsoft support. You can just call them and ask them for the fix. The
    KB number associated with the fix is 933468. The title of the problem is
    "SMB (port 445) does not bind on Vista over RAS connection "
    I have seen many posts on this news group regarding share access
    failures from Windows Vista over VPN. Please install this fix. You problem
    will be resolved.
    If the fix doesnt solve your issue please write to me.

    thanks
    Aanand
     
    Aanand Ramachandran, Mar 22, 2007
    #9
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.