[pptp-server] another browsing problem

Jean-Serge Gagnon jsg at newlix.com
Mon Mar 12 12:43:52 CST 2001


Yes, forgot the lmhosts option. We've never really considered it since it
involves setting the lmhosts file to match on all systems and we needed a
scalable solution. You could do stuff like have the lmhosts on a shared
network machine, so then it may become a chicken-and-egg problem...

We also looked at forwarding of broadcast packets by adding firewall rules
and such, but decided to go the WINS route even though there are workgroup
problems with it (vpn-client can't be seen if it's the master of it's
workgroup, for example)...

Jean-Serge Gagnon - Applications Director
Newlix Corporation - jsg at newlix.com
http://www.newlix.com
(613) 225-0516 fax: (613) 225-5625



> -----Original Message-----
> From: robert [mailto:berzerke at swbell.net]
> Sent: Monday, March 12, 2001 12:28 PM
> To: Jean-Serge Gagnon; Martin Tettke; pptp-server at lists.schulte.org
> Cc: Alex Vandenham (newlix)
> Subject: Re: [pptp-server] another browsing problem
>
>
> On Monday 12 March 2001 09:43, Jean-Serge Gagnon wrote:
> > We've researched a lot of this stuff and if I'm not mistaking,
> the problem
> > is that Windows browsing will only work in this scenario with a WINS
> > server. NetBIOS browsing works with broadcast on the local LAN, so the
> > 10.100.100.x machines broadcast their existence to each other, but the
> > 192.168.1.x machines can't receive those broadcasts because of the
> > firewall. An other problem is that machines on the remote end of a ppp
> > connection can not broadcast between each other so your NetBIOS
> broadcast
> > looks like this (resize to view):
> >
> >                                                  -----
> >
> >                                                 | PC |
> >
> >                                          -bcast-|  1 |
> >  ------         ------         ------  /   ok    ----
> >
> > |vpn   |- no - |vpn   | - no -| fw   |/
> > |client| bcast |server| bcast |      |\          ----
> >
> >  ------         ------         ------  \  bcast | PC |
> >                                         -- ok --| 2  |
> >                                                  ----
> >
> > So, PC1, PC2 and fw can all see each other (if fw has NetBIOS), but they
> > can't see vpn server or vpn client and vise-versa. There are two ways to
> > solve this:
> >
> > 1- Add a WINS server to the network (can be on vpn server, fw,
> one of the
> > PCs or a new machine) and set up all clients to point to the
> wins server.
> > Entire network browsing will only work for all machines if they use the
> > same workgroup, otherwise, you need to use the machine's name directly
> > (\\pc1)
> >
> > 2- Find a way of forwarding broadcast packets across all
> subnets. We have
> > not found any public domains tools for this.
> >
> > Hope this helps a bit...
> <snip>
>
> There is a third option: the lmhosts file.  However, the Wins
> server is by
> far the easiest and least troublesome option.
>
> As for option 2 above, although I've never had the need or urge
> to try, I've
> seen another system where the routing tables (and firewall) were
> adjusted to
> allow broadcasts to pass.  Don't remember how he did it though, but it is
> possible.
>




More information about the pptp-server mailing list