Results 1 to 9 of 9
  1. #1
    3 Star Lounger Backspacer's Avatar
    Join Date
    Sep 2002
    Location
    Scappoose
    Posts
    332
    Thanks
    20
    Thanked 12 Times in 11 Posts

    Extending Network Map across a VPN

    Hi,
    We have two LANs connected by a VPN. One is at 192.168.1.x and one is at 192.168.2.x - two subnets. They behave pretty much as one would expect two subnets to do. You can move files back and forth, ping or RemoteDesktop to computers on either LAN by simply specifying their IP address, etc.

    That was with XP Pro. Now I am starting to switch over to Windows 7 and am having some problems. The one I would like to ask about today may be simple, but I don't know. It involves "seeing" computers on the other LAN.

    If I open Windows Explorer and click on "Network" I see the two computers on my LAN. One is my Windows 7 machine, another is a Vista laptop. I do not see a "work group". My XP work group is WBSNET and I somehow managed to make my Windows 7 PC name its network "WBSNET" but that's probably mixing apples and oranges.

    If I type the IP address of one of the computers on the other LAN it will appear as an accessible computer under "Network" in Windows Explorer, but it won't be remembered if I close and later re-open WE.

    Windows 7 has these weird networking screens and wizards and stuff. I found one called the Network Map. It is here:

    Control Panel\Network and Internet\Network Map

    My Network Map shows the two computers on my LAN, it shows my LAN (WBSNET) and it shows "Internet". It does not show the other LAN at all. Is it possible to correct this? To Windows, that other LAN should just look like another LAN branched off of the local router. It shouldn't know or care that it is at the other end of a VPN.

    Thanks,

    --Brian

  2. #2
    5 Star Lounger chowur's Avatar
    Join Date
    Mar 2010
    Location
    Indiana
    Posts
    804
    Thanks
    0
    Thanked 54 Times in 51 Posts
    This site has helped more people than I can think about lol.Here's the link;http://www.howtogeek.com/howto/15247...-xp-and-vista/
    There is more information as well.
    Problems cannot be solved by the same level of thinking that created them. -Albert Einsten

  3. #3
    3 Star Lounger Backspacer's Avatar
    Join Date
    Sep 2002
    Location
    Scappoose
    Posts
    332
    Thanks
    20
    Thanked 12 Times in 11 Posts
    I went through that article and found that my Windows7 machine was already setup correctly. It's about seeing other computers on your LAN and I have no trouble with that or file or printer sharing.

    It appears that "Network Discovery" is not occurring to the subnet on the other end of the VPN. How does Network Discovery work? Does it use a port that my router might be blocking? I thought firewalls only blocked ports to the outside world, not to internal stuff like VPN endpoints, but I've been wrong before.

    I am connected to a "Work" network. Microsoft, in their inimitably ignorant way, has apparently decided that there are only "Home" networks on single LANs, "Work" networks on single LANs, or "Domain" networks at "Enterprise" companies with their own DNS servers, servers numbing more than the drops of rain in a "Cloud" and armies of IT guys to make it work. (Or not - I have worked in those large companies before.) They've been such a large business for so long that they just have no clue what small businesses need or want or how we are setup. In my case, I've got a LAN at each of three locations. I have between three and six computers on each LAN. I have no IT staff and my annual IT budget for all equipment and services is about what they pay one of their own sysadmins in a month or two.

    So is "Work" really the right kind of network for what I want to do?

    Thanks!

    --Brian

  4. #4
    5 Star Lounger chowur's Avatar
    Join Date
    Mar 2010
    Location
    Indiana
    Posts
    804
    Thanks
    0
    Thanked 54 Times in 51 Posts
    First make sure ALL machines are members of the same Workgroup which by default is named Workgroup.
    On the Windows 7 machine go into Control Panel \ All Control Panel Items \ Network and Sharing Center then click on Change advanced sharing settings.
    You will want to verify the following settings under Advanced Sharing Settings for the Home or Work and Public profile.
    If you want any user to have access the public shares turn off password protection.
    Here's more information;http://www.howtogeek.com/howto/windo...dows-7-and-xp/
    Last edited by chowur; 2011-06-10 at 23:16.
    Problems cannot be solved by the same level of thinking that created them. -Albert Einsten

  5. #5
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,191
    Thanks
    48
    Thanked 986 Times in 916 Posts
    The VPN is a different subnet and your machines need a route to this network, either set locally or on the router/firewall.
    You have not mentioned how the VPN connects to the network or where the route is set, so It's hard to know what advice to give. More info please?

    cheers, Paul

  6. #6
    3 Star Lounger Backspacer's Avatar
    Join Date
    Sep 2002
    Location
    Scappoose
    Posts
    332
    Thanks
    20
    Thanked 12 Times in 11 Posts
    Thanks, chowur. All machines on both subnets are in the workgroup WBSNET.

    I have been through that article in detail and had already done everything it suggests. I think this is going to be a tricky one. :-)
    Last edited by Backspacer; 2011-06-12 at 12:20.

  7. #7
    3 Star Lounger Backspacer's Avatar
    Join Date
    Sep 2002
    Location
    Scappoose
    Posts
    332
    Thanks
    20
    Thanked 12 Times in 11 Posts
    Thanks, PaulT.

    There is a subnet (192.168.1.x) on one end of the VPN and another (192.168.3.x) on the other end. Are you saying that the VPN itself is a third subnet? It doesn't seem that way in the setup on the router. But this new router is a lot more complex to setup than the old one, so I might have missed something. They do have some strange concepts about virtual, physical, and zones which I haven't become completely comfortable with yet.

    I'm not sure I know how to answer your second question, but I'll try. There are two identical routers: ZyXEL USB-20W models. These are gateway routers with firewalls and WiFi and so on. Each of them is connected to the Internet through another DSL router. But their installations are not identical. One of those DSL routers, the main office one, is set to Bridge mode, so it is basically just a DSL modem. So really the USB-20W on this end is the main gateway router onto the Internet. The LAN side is set to 192.168.1.1 and it functions as the gateway for that subnet. (192.168.1.x)

    The other of those DSL routers is still setup as a router, but the firewall is turned off and the only thing it does is route the traffic direct between USB-20W and Internet. The ISP wouldn't let me set it to Bridge mode - they check something on the router periodically to make sure and shut you down if they don't find an approved router. So the USB-20W on this end gets its WAN address by DHCP from the DSL router. The LAN side of this router is 192.168.3.1 and it is the gateway for subnet 192.168.3.x.

    A site-to-site VPN is setup between those two subnets. In theory, it should act as if they were just separate subnets on the same router. I don't use static routing, so the routers should be able to figure this out for themselves, shouldn't they?

    In practice, the computers on either end of the VPN are available. I can Remote Desktop to 192.168.1.100 and it works. I can even enter than address into the address field in Windows Explorer and the shared files and printers on that system will be made available to me. But its name will not appear in Windows Explorer so it's hard to be sure which system I am looking at. I would like to have the Network Discovery work across the VPN. It will save a lot of time and confusion and might keep me from overwriting a file on the wrong system or something. I think it might also eliminate another problem where printers shared across the VPN become "unshared".

  8. #8
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,191
    Thanks
    48
    Thanked 986 Times in 916 Posts
    The VPN is just a logical connection. In this case the route between networks is handled by the VPN router, so you don't need to add it manually.

    Machine names are stored by one of the computers which has been identified by it's peers as the "master browser". I suspect Win7 performs the "computer browser" function differently and won't show "off net" machines as part of the workgroup - I haven't confirmed this. It may be worth searching for "computer browser windows 7" and seeing what is happening. Alternatively, Win7 could use the local DNS in preference to the "browser" and as you have 2 DNS servers - the routers - you will not see computers on the other DNS.

    cheers, Paul

    [Edit] This article has a nice little utility for finding the master browser.

    WINS is the beast you require for multi sub-net networks, but you don't seem to have one. Maybe one of your XP boxes had WINS installed?
    Last edited by Paul T; 2011-06-12 at 13:44.

  9. #9
    New Lounger
    Join Date
    Dec 2009
    Location
    Anchorage, AK, USA
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    You might consider NeoRouter to supplement your current VPN setup or replace it. I'm currently using the free version 1.30 to link two LAN's at my house with my Dad's network in another state, with a mix of WinXP and Win7 64 machines. It's working fairly well for remote access (RDP, vnc, TeamViewer) to all machines.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •