Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Tuesday, February 27, 2018 7:08 PM
Hello,
We recently created VPN access using a RRAS. Clients can ping server names and IP addresses successfully however they are unable to access network shares via server name. The only time they are able to get to a file share is by using the FQDN of the server. Example, users can access server1.contoso.com\share but cant get to server1\share.
The client is setup with the proper DNS suffix and DNS IP addresses.
Any help will be greatly appreciated.
All replies (6)
Wednesday, February 28, 2018 10:31 AM
Hi,
Thanks for your question.
I still confirm with you that clients successfully have got access to the internetwork by VPN connection. Please type “ipconfig /all” at the command prompt on the VPN client and check its connection and DNS suffixes.
To narrow down this issue, could you please help me to collect the following information:
- Can users always access server1.contoso.com\share by VPN?
- Please type the command “ nslookup -d2 server1 ”on the VPN client and drop me the result.
I appreciate your effort and cooperation. If you have any questions or concerns, don’t hesitate to let me know.
Wish you have a nice day!
Best regards,
Michael
Please remember to mark the replies as an answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected]
Wednesday, February 28, 2018 4:04 PM
1.Can users always access server1.contoso.com\share by VPN? Yes, they can access folders when they use the FQDN of the file server
2.Please type the command “ nslookup -d2 server1 ”on the VPN client and drop me the result.
PS C:\Windows\system32> nslookup -d2 server1
SendRequest(), len 43
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
5.25.168.192.in-addr.arpa, type = PTR, class = IN
Got answer (76 bytes):
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
5.25.168.192.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 5.25.168.192.in-addr.arpa
type = PTR, class = IN, dlen = 21
name = server.contoso.com
ttl = 1200 (20 mins)
Server: server.contoso.com
Address: 192.168.25.5
SendRequest(), len 38
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
server1.contoso.com, type = A, class = IN
Got answer (54 bytes):
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
server1.contoso.com, type = A, class = IN
ANSWERS:
-> server1.contoso.com
type = A, class = IN, dlen = 4
internet address = 192.168.25.7
ttl = 3600 (1 hour)
SendRequest(), len 38
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
server1.contoso.com, type = AAAA, class = IN
Got answer (91 bytes):
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
server1.contoso.com, type = AAAA, class = IN
AUTHORITY RECORDS:
-> contoso.com
type = SOA, class = IN, dlen = 41
ttl = 3600 (1 hour)
primary name server = server.contoso.com
responsible mail addr = hostmaster.contoso.com
serial = 164923
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 604800 (7 days)
default TTL = 3600 (1 hour)
Name: server1.contoso.com
Address: 192.168.25.7
Thursday, March 1, 2018 8:28 AM
Hi,
Thanks for your update.
According to the information of your post. It states that DNS server works properly and it is successful query server1 by its hostname. But the option named “NetBIOS over TCP/IP “ has been disabled. UNC share such as \server1\share ( network share by using NetBIOS name or hostname), We should enable NetBIOS over TCP/IP, please refer to the figure as below,
Here are links refer to UNC share:
Using UNC share
/en-us/windows-hardware/drivers/debugger/using-unc-shares
UNC
https://msdn.microsoft.com/en-us/library/gg465305.aspx
Highly appreciate your successive effort. If you have any questions and concerns, please feel free to let me know.
Hope you have a nice day!
Best regards,
Michael
Please remember to mark the replies as an answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected]
Thursday, March 1, 2018 2:02 PM
I enabled the NetBIOS setting on the client but it still doesn't work.
Friday, March 2, 2018 9:55 AM
Hi Leo,
Thanks for your update.
I am currently performing research on this issue and will get back to you as soon as possible. I appreciate your patience. If you have any updates during this process, please feel free to let me know.
Best regards,
Michael
Please remember to mark the replies as an answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected]
Monday, March 12, 2018 3:48 AM
Hi Leo,
How are things going on? Was your issue resolved?
I found some similar cases as yours. Please try the following suggestion:
1.Please check on the system firewall or any Anti-Virus application to ensure the below ports are not blocked.
The following ports are associated with file sharing and server message block (SMB) communications:
- Microsoft file sharing SMB: User Datagram Protocol (UDP) ports from 135 through 139 and Transmission Control Protocol (TCP) ports from 135 through 139.
- Direct-hosted SMB traffic without a network basic input/output system (NetBIOS): port 445 (TCP and UDP)
2. Change the VPN connection network location as private network. You can use gpedit.msc to change the settings.
Computer Configuration->Windows Settings->Security Settings->Network List Manager Policies-> VPN Connection
Change the location type to Private
3. Please refer to the following link, it may be helpful,
Highly appreciate your effort and time. If you have any questions and concerns, please feel free to let me know.
Wish you have a nice day!
Best regards,
Michael
Please remember to mark the replies as an answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected]