
NetBios forwarding over NAT VPN

ddnicholls
Level 1

We have a standard hub and 2 spoke network consisting of 827's running NAT over a VPN. Everything appears fine, we can ping across the VPN etc, but what we are having trouble with is browsing NetBios names and hitting an SQL server on the other side of the link. We are relying totally on Windows networking, there is no WINS server or PDC. NAT is stopping NetBios forwarding as is well documented, but I need to know if there is a preferred method of broadcasting NetBios UDP across the VPN. We have tried IP forwarding and helper addresses but they have not worked. Is there a 3rd party forwarder or tunnelling option...or is there a UDP forwarding config we're missing? Any tips would be appreciated. Has anyone tried this setup successfully?

Thanks

Dean

5 Replies

scottmac
Level 10

Have you tried putting the database server's name in the hosts tables of the client PCs?

Hosts on Win9x and XP is in C:\windows

Hosts on NT/WIN2K is in \winnt\system32\drivers\etc

There should be a sample file (hosts.sam) in the directory. Just copy that file, edit it in the same format (adding your server names / IP addresses), and save it to "hosts" (no extension, no quotes).

Good Luck

Scott

Edit to my post above: You may also want to add the server's name & address in the LMHosts file as well (that is the traditional name resolution file for LANMAN).

Scott

moorj
Level 1

Dean, we had a very similar problem where all of Cisco's firewall products to date will not rewrite any SMB Packet contents. With MS browsing\WINS and NT Authentication LSA/RPC Local or Domain the device's real IP address is embedded in the SMB content.

If you are purely running MS Browsing across a VPN Tunnel with no NAT then make sure that type 20 propagation is enabled across all interfaces. This should allow the forwarding of NetBIOS broadcasts which the MS Master browsers will require on each broadcast domain. Personally I would not like to rely on MS Browsing as it is possible for delays of up to 60 mins before non-existent devices are removed from the broadcast domains!

Hope some of this might help.

Cheers, John

CCIE#9334

No dispute here, because I'm not sure, but isn't "Type 20" an IPX / Netbios packet?

Or is it just triggering some process that goes into the packet looking for NETBIOS information?

Scott

I think you're right Scott, type 20 refers specifically to IPX/NetBios propagation as far as I'm aware.

We have a local hosts file in the test machine we are using, and can ping the NetBios name. But we still can't browse to them. It is as if the Master Browser isn't being propagated, I have heard that IP forwarding can break the Master Browser as it starts to receive broadcasts from different subnets.

Thanks

Dean