07-11-2002 06:23 AM - edited 02-21-2020 11:55 AM
Let me preface this by stating that I'm a newbie to using a VPN. Our Cisco PIX 506E was setup by a local contractor for the primary purpose of using Outlook Web Access, but now I want to setup a mapped drive on my laptop to my user directory on the office's NT 4.0 server. The contractor has instructed me to use the "Net Use" command. Sample syntax would be:
net use x: //servername/share \user:workgroup/myusername
I would then be prompted for a valid password since I did not include that in the above syntax for security reasons.
The PDC in the office is running Windows Server 2000 and the shared member servers run NT 4.0. If I try to map a drive on the PDC using the above syntax, I get the error "System error 67 has occurred. The network name cannot be found." If I try the same syntax for a member server, I get the error "System error 51 has occurred. The remote computer is not available."
By the way: I am running Windows 2000 Pro on my laptop, I can successfully connect to the PIX using Cisco's VPN client, it's a DES ipSec VPN, I can ping all servers on the network, I have administrator rights for the entire network.
Any help for this newbie would be greatly appreciated.
Barry
07-11-2002 08:07 AM
A quick beginning step is to check your client. Open your client and select "Options" -> "Properties" Let us know if the client is using IPsec of TCP or UDP. Primarily, make sure the "Allow Local LAN Access" box is checked.
Hope it's as easy as that!
Patrick
07-16-2002 06:10 PM
Sorry for the delay in posting a response. I've been busy moving our network to new offices. I'll give your suggestion a try on Thursday, July 18 and let you know how it goes.
Barry
07-16-2002 06:16 PM
I just realized I can answer this question for you now. "Allow IPsec over UDP" and "Allow Local LAN Access" are checked on the client.
Barry
07-16-2002 09:29 PM
Hi, just to add.......are you running DNS or WINS on your W2K box at the office?? If so, are you getting the correct DNS or WINS IP information when you connect to the 506? If you can ping by IP address or map a drive by IP , your split tunneling is working, but it sounds like your having name resolution problems. Just a thought.....
07-17-2002 05:49 PM
WHEW! I finally mapped a drive no thanks to Cisco Support. They were quick to call it a Microsoft Networking problem just to close the case. It was a MS issue, but you cannot tell me that they didn't know the fix.
Kudos to you folks in this forum who threw in your ideas. I was finally able to map to my network server using the IP address in the "Net Use" command instead of the servername itself. Now, this was done on my PC at home using a broadband connection and having no prior contact with the office network. We'll see how the laptop does when I get into the office in the morning.
One concern I did have was that I was not prompted for a password and I deliberately left it out of the "Net Use" syntax. Did the network use my Cisco Client Group Permissions password (it's the same as NT password) or the cached password from this PC? Thoughts?
Barry
11-29-2002 05:38 AM
Your Windows 2000 laptop by default caches the last 10 logons so you can logon with your domain account offline. When you connect through the vpn your laptop passes the same account you logged on with to the servers for authentication. You either logged on with your domain account or you have a local account with that has the same username and password as your domain account. You can create a hosts file in c:\winnt\system32\drivers\etc\hosts (text file with no extension) with ip addresses and server names for name resolution. Getting WINS to work through VPN is tricky.
Hope this helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide