Browse the LAN when connected to 501 pix?

ericmiller74 · ‎06-29-2005

I have successfully set up VPN access to a PIX 501. I can connect and ping/login to machines via there LAN ip address. I would like to be able to have my VPN users "browse" the LAN. To make this more interesting I am able to browse one workgroup but not another on my PC, and dont get any entries for network mounts on my Mac. Any Ideas. Will post a sh run if your interested.

Thanks

mostiguy · ‎06-30-2005

Are you running WINS at the Office? Are you passing its ip address to vpn users on the PIX? WINS is going to be necessary for Network Neighborhood to work across subnets (which is what you are doing as the vpn users are on a different segment from the inside segment).

What DNS server are you passing to the vpn users?

ericmiller74 · ‎07-01-2005

Thanks for the reply, Yes I am passing WINS to the users with one caveat. WINS is being run from the OS X server. I am able to browse one workgroup when connected, but not the other one. I am also curious as to how to advertised Apple Filing Protocol shares. The DNS that is being given out points to external name servers. Would having one internal DNS server help with the AFP stuff?

Thanks again

mostiguy · ‎07-01-2005

I believe technically, the vpn users would be a different Appletalk segment. Is there any way to eliminate the need for appletalk? If your environment is all Windows and OS X, you should be able to use SMB everywhere.

Why do you have two workgroups?

ericmiller74 · ‎07-01-2005

Well, its not quite appletalk, ( that is the legacy protocol ) its Apple Filing Protocol, I am using SBM everywhere but there are drawbacks to connecting OS X machines via SMB, would like to avoid it if possible. The 2 workgroups will soon be consoldated into one.