[Openswan Users] Windoze services over IPSEC

Trevor Hennion trevor-os at thennion.demon.co.uk
Tue Feb 1 13:03:39 CET 2005

On Monday 31 January 2005 20:29, David Spear wrote:
> > > Can someone enlighten me on what I need to do to browse the windows
> > > network on my private net?  I tried setting up a WINS server on the
> > > 192.168.x.x. network in my dial-up connection properties, but that
> > > doesn't seem to do it.  Nothing shows up in the Network
> > > Neighborhood.
> > You cannot just use WINS for your dialup. WINS is a registration
> > service, so you need to configure everything in your network to use
> > WINS, or they have a big chance of not appearing in your WINS server
> > at all.
> Okay, so here I am:
> Win2k/XP clients --> internet --> NAT firewall --> Openswan Gateway -->
> private net (
> Windows hosts on my private nets DO use WINS, they all point to the same
> WINS server (  So any box on any private subnet can see
> all the other hosts.
> My problem is, when I point my roadwarrior client to this same wins
> server via the networking setup dialog box in the dial-up connection,
> nothing shows up in the network neighborhood.  Nor do I see anything
> with "net view" from the command line.
> I have also enabled "NetBIOS over TCP/IP" in the connection settings.
> HOWEVER, when I use ipconfig to view my PPP connection on the windows
> box, I see "NetBIOS over TCP/IP: disabled".  Now, I am not clear as to
> the difference between NetBIOS and NetBeui.  NetBeui as far as I am
> aware is a non-routable MS protocol which may be used AS AN ALTERNATIVE
> TO WINS, basically all the windows machines just broadcast their
> existence to the local subnet.  I have seen various Google posts which
> indicate NetBEUI must be installed on WinXP to get WINS resolution to
> work but I find this hard to believe...
> I tried installing NetBEUI on XP (warning from MS that this protocol is
> discontinued) but wasn't allowed to attach it to my dial-up connections
> anyway.


NetBEUI stands for NetBIOS Extended User Interface - however for this 
discussion it's unimportant, as I have Win2k and a WinXP system connecting 
via a VPN to the office systems and can browse, and the WinXP system does not 
have NetBEUI installed - it does implement NetBIOS over TCP/IP.

These are extracts from the notes I issue to our users that want to 'browse':
Right click 'My Network Places' and click 'Properties'. Right click on the 
connection you are using to connect to the office, and select Properties. The 
option 'Client for Microsoft Networks' should be enabled.
'File and Print Sharing' should NOT be enabled on any dial-up or Internet 
Define a WINS server - Highlight 'Internet Protocol' and click on 
'Properties'. If it is a dial up connection you will need to select 
'Networking' before finding 'Internet Protocol'.
Click on 'Advanced' -> WINS. Click 'Add'  and enter the WINS server's IP 
Make sure the 'NetBIOS' setting on the WINS page is either 'Default' or 
'Enable NetBIOS over TCP/IP'. Click 'OK' to exit the settings pages.
Restart your network connection to pick up the new settings.

I presume once your VPN is established that you can ping the systems you want 
to browse, especially the WINS server?
Browsing is VERY slow. Without a WINS server it can take 15 minutes to find 
all the computers on a network!
Also try 'searching' for a computer on XP:
Click Start -> Search -> Computer or people -> 'A computer on the network'. 
Enter the full DNS name for the system (one that you know you can ping).
The computer should be found. Clicking on that computer will display the 
shares available - or a login box.

Firewalls can break all this of course - we have several 'zones' on the office 
network - two not accepting browse requests even for VPN connections.

If you are really on a dial-up connection and not broadband, browsing can be 
so slow as to be useless.

Hope that helps.

Trevor Hennion
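
An added example, not part of the original post: a ping only proves IP reachability through the tunnel, so this Python code asks the WINS server directly whether a name is registered, using an RFC 1002 unicast name query on UDP 137. The host name FILESRV, the address 192.168.1.10 and all function names are assumptions made for the example.

```python
import os
import socket
import struct

def encode_name(name, suffix=0x20):
    """RFC 1002 first-level encoding: 15 chars space-padded plus 1 suffix byte."""
    raw = name.upper().encode("ascii")[:15].ljust(15, b" ") + bytes([suffix])
    enc = bytes(b for c in raw for b in (0x41 + (c >> 4), 0x41 + (c & 0x0F)))
    return b"\x20" + enc + b"\x00"          # label length 32, no scope ID

def build_query(name, suffix=0x20, trn_id=None):
    """Unicast NAME QUERY REQUEST (RD=1), question type NB, class IN."""
    if trn_id is None:
        trn_id = struct.unpack(">H", os.urandom(2))[0]
    header = struct.pack(">HHHHHH", trn_id, 0x0100, 1, 0, 0, 0)
    return trn_id, header + encode_name(name, suffix) + struct.pack(">HH", 0x20, 1)

def parse_response(data, trn_id):
    """Return the IPv4 addresses of a positive response, [] if not registered."""
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack(">HHHHHH", data[:12])
    if rid != trn_id or not flags & 0x8000:
        raise ValueError("not a response to our query")
    if flags & 0x000F or ancount == 0:      # RCODE != 0, e.g. 3 = name error
        return []
    pos = 12
    while data[pos] and data[pos] < 0xC0:   # skip the RR_NAME labels
        pos += 1 + data[pos]
    pos += 2 if data[pos] >= 0xC0 else 1    # compression pointer or terminator
    rtype, _cls, _ttl, rdlen = struct.unpack(">HHIH", data[pos:pos + 10])
    pos += 10
    if rtype != 0x20:
        return []
    # Each address entry is 2 bytes of NB_FLAGS followed by 4 bytes of IPv4.
    return [socket.inet_ntoa(data[i + 2:i + 6]) for i in range(pos, pos + rdlen - 5, 6)]

def query_wins(server, name, suffix=0x20, timeout=3.0):
    """Query the WINS server on UDP 137; a socket timeout means no reply arrived."""
    trn_id, pkt = build_query(name, suffix)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(pkt, (server, 137))
        return parse_response(s.recvfrom(576)[0], trn_id)

# Constructed sample: positive response saying FILESRV<20> is at 192.168.1.10
SAMPLE = (struct.pack(">HHHHHH", 0x1234, 0x8580, 0, 1, 0, 0) + encode_name("filesrv")
          + struct.pack(">HHIH", 0x20, 1, 300, 6) + b"\x00\x00"
          + socket.inet_aton("192.168.1.10"))
```

Run from the roadwarrior once the tunnel is up, `query_wins("<WINS server IP>", "<host name>")` returning an empty list means the server answered but the name is not registered, while a timeout points at the tunnel or a firewall dropping UDP 137.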

