The Adtran community holiday season is starting next week! The holiday period will span from December 21, 2024 to January 6, 2025. During this time, responses to feedback form submissions may be delayed. If you are encountering product issues, you can reach out to Adtran support at any time.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Anonymous
Not applicable

WINS over VPN

Jump to solution

Is there a way t push WINS name resolution over VPN? I can se computers by IP address, but not by their WINS name. Is ther ea way to overcome this so my users can navigate easier between the networks?

Are there better VPN options to tie my network together? Do I always need to use NAT? Or is it possible to ever put VPNs on the same subnet?

Sorry,  alot of questions, but wondering if there is a best practivces guide or white paper on VPNs?

Thanks!

0 Kudos
1 Solution

Accepted Solutions
Anonymous
Not applicable

Re: WINS over VPN

Jump to solution

@travisrigby - If you have a VPN tunnel between 2 routers, then there is nothing to be configured for WINS name resolution to work. You will need to ensure that the PCs trying to access other network equipment are configured with the correct WINS server and have connectivity to that server. If the IPs are able to communicate, then the router is not preventing the names from being resolved.

If you are using a VPN client to access network devices by name, then you will need to configure a WINS server IP address to hand out to the VPN client when it negotiates. This can be done in the web interface by navigating to VPN Peers and the clicking on the mobile VPN peer under the "Create VPN Peers" section. Under the section "Remote Addressing", you will see the option to specify a primary and secondary WINS server.

In the CLI, this can be specified by the commands below:

(config)# crypto ike client configuration pool <Pool Name>

(config-ike-client-pool)# netbios-name-server <WINS server IP>

VPN networks have to be on different subnets due to the nature of the NetVanta routers. If a NetVanta router has to deliver a packet that is on the same subnet as one of its interfaces, it will see that traffic as local and will proceed to ARP for which interface to send the traffic out. That traffic will never be routed and, therefore, will never be touched by the crypto map.

You may find the following documents helpful:

Understanding IPSec VPNs

Configuring VPN using Main Mode

Configuring VPN using Aggressive Mode

Configuring VPN using a VPN Client

Configuring ShrewSoft VPN Client

Other VPN documents are available in the forum. Simply navigate to the product category in question and click on "AOS Documentation" on the top left of the page. Once you click on that, you will see documentation categories listed below. Select the "VPN" category, and you will see the relevant VPN documentation for that product.

Let us know if you have any questions.

Thanks,

Noor

View solution in original post

0 Kudos
3 Replies
Anonymous
Not applicable

Re: WINS over VPN

Jump to solution

@travisrigby - If you have a VPN tunnel between 2 routers, then there is nothing to be configured for WINS name resolution to work. You will need to ensure that the PCs trying to access other network equipment are configured with the correct WINS server and have connectivity to that server. If the IPs are able to communicate, then the router is not preventing the names from being resolved.

If you are using a VPN client to access network devices by name, then you will need to configure a WINS server IP address to hand out to the VPN client when it negotiates. This can be done in the web interface by navigating to VPN Peers and the clicking on the mobile VPN peer under the "Create VPN Peers" section. Under the section "Remote Addressing", you will see the option to specify a primary and secondary WINS server.

In the CLI, this can be specified by the commands below:

(config)# crypto ike client configuration pool <Pool Name>

(config-ike-client-pool)# netbios-name-server <WINS server IP>

VPN networks have to be on different subnets due to the nature of the NetVanta routers. If a NetVanta router has to deliver a packet that is on the same subnet as one of its interfaces, it will see that traffic as local and will proceed to ARP for which interface to send the traffic out. That traffic will never be routed and, therefore, will never be touched by the crypto map.

You may find the following documents helpful:

Understanding IPSec VPNs

Configuring VPN using Main Mode

Configuring VPN using Aggressive Mode

Configuring VPN using a VPN Client

Configuring ShrewSoft VPN Client

Other VPN documents are available in the forum. Simply navigate to the product category in question and click on "AOS Documentation" on the top left of the page. Once you click on that, you will see documentation categories listed below. Select the "VPN" category, and you will see the relevant VPN documentation for that product.

Let us know if you have any questions.

Thanks,

Noor

0 Kudos
Anonymous
Not applicable

Re: WINS over VPN

Jump to solution

@travisrigby - I marked this question as "assumed answered," but please do not hesitate to reply to this post with additional questions.  I will be happy to help in any way I can.

Thanks,

Noor

Anonymous
Not applicable

Re: WINS over VPN

Jump to solution

I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post and unmark it and select another in its place with the applicable buttons.  If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.

Thanks,

Noor