NetBIOS Name can not pass through the Site-to-Site VPN tunnel

Do you have WINS server ? If not, you may need one. If yes, check ACL to be sure the NetBIOS packets are able to pass thru the tunnel.

DT

You need to enable netbios over tcp in your adapter tcp/ip properties. If that doesn't work you can still manually map drives the the 'net use' command. The only thing windows uses netbios for now (AFAIK) is network neighborhood browsing. You can still map SMB by name over IP.

Hal

Hi, My network has no WINS Server, and it is using the Pure AD infrastructure,

How can I see if the netbios packet can go through the tunnel ?

Thank you Benson

In article , Benson wrote: :My network has no WINS Server, and it is using the Pure AD infrastructure,

I don't know how things are -intended- to work with AD, but my observation from our recent switch to Exchange 2003 is that NETBIOS is needed more than ever before [though -possibly- to fewer random locations.]

:How can I see if the netbios packet can go through the tunnel ?

netbios resource advertisements are local broadcasts, and broadcasts don't get sent through tunnels in PIX 6.x (PIX 7.0 has layer 2 transparent firewalling.) Thus, the resource names won't get through a VPN unless you have an alternate name distribution mechanism such as WINS.

As other posters suggested, if you use direct IP numbers or if you configure in such a way that DNS works to resolve names, then you can map folders over a VPN -- it's the locator service that doesn't work, but once you get the right location then the mapping can proceed.

You can setup a DNS server at each end of the tunnel, replicate the DNS servers then add the host name and IPA's to the DNS server, then on either side of the tunnel when you ping hostA it will query the local DNS server for IPA to reach that host, once the IPA has been gotten the firewall will route the traffic accross the VPN tunnel to its destination. Since you are in a true AD environment, hosts should register with there local DNS upon logon, that registration is replicated to the other DNS server.

hth,

Chad

You can setup a DNS server at each end of the tunnel, replicate the DNS servers then add the host name and IPA's to the DNS server, then on either side of the tunnel when you ping hostA it will query the local DNS server for IPA to reach that host, once the IPA has been gotten the firewall will route the traffic accross the VPN tunnel to its destination. Since you are in a true AD environment, hosts should register with there local DNS upon logon, that registration is replicated to the other DNS server.

hth,

Chad

IP FORWARD PROTCOL UDP