Re: PPTP VPN Problem (cant connect to resources)...

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

See Responses inline


<markm75c@xxxxxxx> wrote in message news:1161874353.479699.158340@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Update to what I have found with my PDA.. again.. at home I am
connecting to my home's wifi network.. then connecting to the vpn on
the PDA (so no outside influence)...

I can ping server.domain.local or ip addresses on the remote vpn
domain.

I can also use Netfront and browse out to web pages on the remote
domain... like : http://192.168.100.2

Netfront doesn't use the connection manager the same way that IE Mobile does so it will connect to anything as long as you ahve a connection established.

The pages load fine.. they also load if i use
http://server.domain.local

In terminal services.. i can connect to my local pc via its ip address
192.168.0.2...

Is the PC you're connecting to on the same physical lan as your wifi connected PDA? If it is then the device is using the wifi connetion less the vpn connection to get to that computer. Unlsess you added that dotted address to the exceptions list on the device the establish vpn connection would drop because the connection manger will notice the dotted address and think you want to use the "internet" profile vs "work" this of course all depends on what profile you have set for your wifi connection.

If i try to put in say 192.168.100.2 for the remote server.. it will
fail.. of course so will using the fqdn..

Since this server needs to be accessed through the vpn tunnel you will need to either add the IP, FQDN or *.domain.something to the exceptions list to tell connection manager that you want those addresses to be routed through the vpn tunnel. In it's default setup only netbios (non-dotted) names are set to go through the tunnel.

I'm not sure why using WINS would correct connecting to shares.. if
like I have stated.. I can connect to web pages on the remote vpn side
using ip addresses or fqdn...

If you use a third party browser like netfront then yes this is the case, with connection manager aware programs like File Explorer, IE Mobile, Windows Media Player Mobile and a few others those parameters change.

So in Resco.. if i try to connect to a share using the IP.. it will
fail.. or via the FQDN.. interestingly though.. in the list of
computers seen in Resco's network window.. there is 1 and only 1
workstation showing up from the remote network, though it wont let me
connect to it and share it out on the pda.

I haven't had much luck with using Resco's network window unless I manually add the address space to search because if I use the auto mode it will try to scan the whole local subnet and the remote subnet and most of the time I'm connecting from my wireless carriers network so that's a big subnet to scan.

At this point.. should i be trying that other tool vs using wins.. or
are they both supposed to do the same thing.. i still am not sure how
wins would fix this.. seems like something else going on on the pda...

The other program is just a local version of what wins would do globally on your network. Wins or host mapping program will help in resolving netbios names to IP's. Try using only netbios names and see if those can resolve to IP. Pinging by IP or FQDN doesn't give you much because you are relying on DNS to do the name resolution and the built in networking in Windows Mobile Devices rely more on netbios than DNS (I sure hope they change this). Also the connection manager throws in some nasty side effects because it wants to tell you what you're connecting to instead of you telling it what you want to connect to.

--
--
Eric Hicks [That_Kid] (MS-MVP Mobile Devices)

The MS-MVP Program - http://mvp.support. microsoft.com This posting is
provided "AS IS" with no warranties, and confers no rights...


Thanks

pino wrote:
pino ha scritto:

> Eric Hicks [MVP] ha scritto:
>
> > Pino the file explorer on your windows mobile device will only > > connect to a
> > share using the server netbios name not the ip (yeah I know would be > > nice if
> > it did) so see if you can ping your computer from the device using > > it's
> > netbios name. If you can't that means that netbios name resolution > > isn't
> > happening across the vpn. You can either install a WINS server on > > your
> > network (least favorite thing to do) or use a program on your device > > that
> > will map the name to the IP like Pocket Hosts(
> > http://www.zimac.de/cestuff.htm ). Since you can ping the computer > > via it's
> > IP address we at least know that you have connectivity, now we just > > need to
> > get the name resolution to work.
> >
> > --
> > --
> > Eric Hicks [That_Kid] (MS-MVP Mobile Devices)
> >
> > The MS-MVP Program - http://mvp.support. microsoft.com This posting > > is
> > provided "AS IS" with no warranties, and confers no rights...
> >
> > "pino" <giuseppe.mendola@xxxxxxxxx> wrote in message
> > news:1161686714.286675.7880@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> > >
> > > Eric Hicks [MVP] ha scritto:
> > >
> > >> If you can establish a vpn connection then you can rule out > > >> blockage.
> > >> One
> > >> quick way of testing to see if GRE is blocked is to try the PPTP
> > >> connection
> > >> from a desktop. If the connection progress gets hung up trying to > > >> verify
> > >> your username and password more than likely it's GRE blockage. > > >> What I
> > >> have
> > >> seen is many GSM carriers use private subnets for devices and > > >> sometimes
> > >> your
> > >> internal VPN subnet may fall within the range of the carriers and > > >> the
> > >> packets are routed incorrectly. A great utility to have is VxUtil > > >> from
> > >> (www.cam.com) you can use this to trace, trace and many other > > >> things.
> > >> It's
> > >> essential for troubleshooting vpn problems on the mobile device.
> > >>
> > >> --
> > >> --
> > >> Eric Hicks [That_Kid] (MS-MVP Mobile Devices)
> > >>
> > >> The MS-MVP Program - http://mvp.support. microsoft.com This > > >> posting is
> > >> provided "AS IS" with no warranties, and confers no rights...
> > >>
> > >> "pino" <giuseppe.mendola@xxxxxxxxx> wrote in message >> >Hi
> > >> everybody......I
> > >> wanted to say that I have the same problem of Mark....
> > >> > In my case ,I get the same error when trying to access from > > >> > GSM/UMTS
> > >> > network (Tim.it)to my desktop (ADSL flat --Tin.it).Locally > > >> > everything
> > >> > is fine (802.11b --ad hoc).
> > >> > I think the answer is the mobile provider (TIM.IT) or adsl > > >> > provider
> > >> > (Tin.it) blocks -GRE (Ip -47)
> > >> > or TCP 1723 !!!!!!
> > >> >
> > > HI Eric,thanks for your reply!!!
> > >
> > > I do have VxUtils installed on my PDA/PHONE (HTC:TYTN)-windows
> > > mobile5.0---
> > > May you tell me how can I use this software to troubleshooting my
> > > problem ??
> > > (The connection to desktop (win-XP-home/professional) is > > > successfully,
> > > PING works fine,but I cannot see network resources in the VPN > > > server
> > > (XP),firewall is disabled.
> > > In other words :\\192.168.1.100\C (shared) :"you don't have > > > permission
> > > ecc.ecc......").
> > > Furthermore XP-PPTP-VPN-Server is connected via Ethernet
> > > modem--ADSL---.
> > > I start the connection from my PDA/phone via GPRS network..........
> > > Thanks a lot .Ciao from Giuseppe in Italy
> > >
> Hi Eric,
> Well I installed Pocket-hosts in my PDA/phone but it did not change
> anything....in the sense that I could not see the Disk drive in my
> desktop.I get the same error......
> In other words : \\Centrino\D or C (shared) gives me the same error ("
> impossible to find the network path......or you don't have
> permission").
> Anyway,for your information ,this afternoon I went to a friend's of
> mine home and I successfully
> made the PPTP connection( with his ADSL connection )to my home-desktop.
> Maybe the problem is in mobile ISP's network ....even if they told me
> that" the connection is possible."......I don't know what to
> think.....Ciao

Hi Eric,
today I made another little progress...small...in the "PPTP-VPN from
PDA problem"......
I connected my PDA/PHONE to my laptop (via Bluetooth or USB)and tried
the vpn connection to my desktop (XP.home-ADSL).
I COULD MAKE THE connection !!!!
It is just you said : windows explorer (in XP) is much more robust than
in windows mobile 5.0.
I could make the connection but I was forced to disable "the
encription" --in the properties of windows's VPN connection
(PPTP),otherwise an error message said:" The other computer uses a
different encription....connection is not possible".
I also have Resco Explorer in my PDA,but it is the same: the connection
is not possible even
using netbios name (with Pocket Hosts): \\Centrino\D (or C).
Ciao from Giuseppe (Pino)in Italy


.

Relevant Pages

  • Re: OT By a mile in parts comments on Viet Nam
    ... check bank accouts etc etc whilst away but is safe to do so over wireless and using the hotel network.. ... you should regard your connection as insecure and use some ... form of encryption to protect your passwords and privacy. ... My recommendation would be to set up a VPN endpoint in the UK that you ...
    (uk.comp.sys.mac)
  • Re: OT By a mile in parts comments on Viet Nam
    ... compared with the risks already inherent in the average hotel network. ... you should regard your connection as insecure and use some ... form of encryption to protect your passwords and privacy. ... My recommendation would be to set up a VPN endpoint in the UK that you ...
    (uk.comp.sys.mac)
  • Re: Remote Client Configuration
    ... > remote computer to SBS 2003 domain via VPN connection after the remote ... > connection when user logon to the remote computer. ... I dont think that the Network Configuration website would work to connect to ... "The Small Business Server Network Configuration Wizard ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN issues on SBS2003 with ISA 2004 installed
    ... I had to create a VPN connection using the network connection wizard on ... Based on our work above, it seems the problem in client side, so I suggest ...
    (microsoft.public.windows.server.sbs)
  • RE: VPNs - Firewalls and Security
    ... we turned off sysopt connection permit ipsec and then added the ... VPN connections. ... VPN's - Firewall's and Security ... You had configured that vpn users access internal network, ...
    (Security-Basics)