VPN access through a PIX

We just recently migrated our Windows 2000 domain controller to a Windows
2003 Server. We have employees that remotely work by initiating a VPN tunnel
through our PIX firewall.

Before we migrated, people were able to access network resources from their
remote computer by typing something like this in Start > Run:
\\server-name\shared folder.

But ever since we migrated to a Windows 2003 domain controller, we can only
access anything remotely by typing: \\server-ip-address\folder share.

Any ideas why this is?

The original Windows 2000 DC was also the networks DNS/WINS server, but now
that server has been demoted, and the Windows 2003 server handles all the DNS
stuff. The Windows 2003 server has a different IP address than the Windows
2000 server did.

I have made all VPN configuration setting changes in the PIX so that it
accomodates the new IP address change.

So what's handling WINS?
Your problem seems to be with NetBIOS name resolution.

Chris

"Andrew" <(E-Mail Removed)> wrote in message
news:E9032ABC-C263-4029-9C86-(E-Mail Removed)...
> We just recently migrated our Windows 2000 domain controller to a Windows
> 2003 Server. We have employees that remotely work by initiating a VPN
> tunnel
> through our PIX firewall.
>
> Before we migrated, people were able to access network resources from
> their
> remote computer by typing something like this in Start > Run:
> \\server-name\shared folder.
>
> But ever since we migrated to a Windows 2003 domain controller, we can
> only
> access anything remotely by typing: \\server-ip-address\folder share.
>
> Any ideas why this is?
>
> The original Windows 2000 DC was also the networks DNS/WINS server, but
> now
> that server has been demoted, and the Windows 2003 server handles all the
> DNS
> stuff. The Windows 2003 server has a different IP address than the
> Windows
> 2000 server did.
>
> I have made all VPN configuration setting changes in the PIX so that it
> accomodates the new IP address change.

Well I was told by Microsoft when we migrated that we don't even need WINS
installed on our network so I just never installed a WINS server after we
retired the old Windows 2000 DC.

Is that the problem?

"Chris Leiter" wrote:

> So what's handling WINS?
> Your problem seems to be with NetBIOS name resolution.
>
> Chris
>
> "Andrew" <(E-Mail Removed)> wrote in message
> news:E9032ABC-C263-4029-9C86-(E-Mail Removed)...
> > We just recently migrated our Windows 2000 domain controller to a Windows
> > 2003 Server. We have employees that remotely work by initiating a VPN
> > tunnel
> > through our PIX firewall.
> >
> > Before we migrated, people were able to access network resources from
> > their
> > remote computer by typing something like this in Start > Run:
> > \\server-name\shared folder.
> >
> > But ever since we migrated to a Windows 2003 domain controller, we can
> > only
> > access anything remotely by typing: \\server-ip-address\folder share.
> >
> > Any ideas why this is?
> >
> > The original Windows 2000 DC was also the networks DNS/WINS server, but
> > now
> > that server has been demoted, and the Windows 2003 server handles all the
> > DNS
> > stuff. The Windows 2003 server has a different IP address than the
> > Windows
> > 2000 server did.
> >
> > I have made all VPN configuration setting changes in the PIX so that it
> > accomodates the new IP address change.
>
>
>

I'm not sure why you were told that. Many legacy applications rely on
NetBIOS, and if you run any of those apps, and you need to provide name
resolution over a subnetted network, then WINS would be the best way to
handle it.

Chris

Andrew" <(E-Mail Removed)> wrote in message
newsDF28BFC-392C-49ED-8C44-(E-Mail Removed)...
> Well I was told by Microsoft when we migrated that we don't even need WINS
> installed on our network so I just never installed a WINS server after we
> retired the old Windows 2000 DC.
>
> Is that the problem?
>
> "Chris Leiter" wrote:
>
>> So what's handling WINS?
>> Your problem seems to be with NetBIOS name resolution.
>>
>> Chris
>>
>> "Andrew" <(E-Mail Removed)> wrote in message
>> news:E9032ABC-C263-4029-9C86-(E-Mail Removed)...
>> > We just recently migrated our Windows 2000 domain controller to a
>> > Windows
>> > 2003 Server. We have employees that remotely work by initiating a VPN
>> > tunnel
>> > through our PIX firewall.
>> >
>> > Before we migrated, people were able to access network resources from
>> > their
>> > remote computer by typing something like this in Start > Run:
>> > \\server-name\shared folder.
>> >
>> > But ever since we migrated to a Windows 2003 domain controller, we can
>> > only
>> > access anything remotely by typing: \\server-ip-address\folder share.
>> >
>> > Any ideas why this is?
>> >
>> > The original Windows 2000 DC was also the networks DNS/WINS server, but
>> > now
>> > that server has been demoted, and the Windows 2003 server handles all
>> > the
>> > DNS
>> > stuff. The Windows 2003 server has a different IP address than the
>> > Windows
>> > 2000 server did.
>> >
>> > I have made all VPN configuration setting changes in the PIX so that it
>> > accomodates the new IP address change.
>>
>>
>>

DNS should work for you. But you may need to add the correct DNS suffix
on the client.

If the client can resolve the server using its FQDN (eg
server.domain.local), then DNS is working. To resolve it using just
"server", add the DNS suffix to the connection properties on the client
(advanced TCP/IP properties of the connection).

Andrew wrote:
> We just recently migrated our Windows 2000 domain controller to a
> Windows 2003 Server. We have employees that remotely work by
> initiating a VPN tunnel through our PIX firewall.
>
> Before we migrated, people were able to access network resources from
> their remote computer by typing something like this in Start > Run:
> \\server-name\shared folder.
>
> But ever since we migrated to a Windows 2003 domain controller, we
> can only access anything remotely by typing:
> \\server-ip-address\folder share.
>
> Any ideas why this is?
>
> The original Windows 2000 DC was also the networks DNS/WINS server,
> but now that server has been demoted, and the Windows 2003 server
> handles all the DNS stuff. The Windows 2003 server has a different
> IP address than the Windows 2000 server did.
>
> I have made all VPN configuration setting changes in the PIX so that
> it accomodates the new IP address change.