DNS , NetBIOS , CIFS and PPTP
-
they didn't work for you local or remote.. The nblookup tool works just fine on windows 7..
Here is example - I fired up wins on my 2k8r2 vm, set my box to use it as wins - it registered itself.. See in the picture the records under the wins tool.. Then I can query them via cmd line tool nblookup
I don't believe windows 7 has wins features in netsh.. server does
-
Recursion is on
Querying WINS Server: 192.168.10.1
NetBIOS Name: zentyal
Suffix: 20Name returned: ZENTYAL
Record type: Unique
IP Address: 192.168.10.1Record type: Unique
IP Address: 192.168.5.1Record type: Unique
IP Address: 142.176.59.204Record type: Unique
IP Address: 10.0.5.1I cant nblookup any computers by name other than my wins server from my remote computer.
nslookup on the remote side works but cannot find that computer on the local network using the same commands from local machines.
-
Windows 7 machines block pings from computers not on the same subnet as them, try to disable your firewall to see if this is the cause. Also make sure that your firewall is set to home or work. If you have a machine that you can put Windows Server 2003 and up on, you can setup dns and then have the dns server look to WINs for host name resolving. Not sure about the various linux flavors if this is possible.
-
disable my firewall on the Windows machines or disable my physical firewall?
-
I am not having any issues pinging , just netbios . I joined all computers to work network and disabled the firewall. No change.
-
../source3/nmbd/nmbd_sendannounce.c:170(send_local_master_announcement)
send_local_master_announcement: type 849b0b for name ZENTYAL on subnet 192.168.10.1 for workgroup ZENTYAL-DOMAIN
[2013/12/23 02:08:45, 3] ../source3/nmbd/nmbd_sendannounce.c:189(send_workgroup_announcement)
send_workgroup_announcement: on subnet 192.168.10.1 for workgroup ZENTYAL-DOMAIN
[2013/12/23 02:08:45, 3] ../source3/nmbd/nmbd_sendannounce.c:170(send_local_master_announcement)
send_local_master_announcement: type 849b0b for name ZENTYAL on subnet 10.0.5.1 for workgroup ZENTYAL-DOMAIN
[2013/12/23 02:08:45, 3] ../source3/nmbd/nmbd_sendannounce.c:189(send_workgroup_announcement)
send_workgroup_announcement: on subnet 10.0.5.1 for workgroup ZENTYAL-DOMAIN
[2013/12/23 02:08:46, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.3 on subnet 192.168.10.1 for name PROSPERIDENT<1c>
[2013/12/23 02:08:47, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.3 on subnet 192.168.10.1 for name PROSPERIDENT<1c>
[2013/12/23 02:08:48, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.3 on subnet 192.168.10.1 for name PROSPERIDENT<1c>
[2013/12/23 02:08:48, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.3 on subnet 192.168.10.1 for name PROSPERIDENT<1c>
[2013/12/23 02:08:49, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.3 on subnet 192.168.10.1 for name PROSPERIDENT<1c>
[2013/12/23 02:08:50, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.3 on subnet 192.168.10.1 for name PROSPERIDENT<1c>
[2013/12/23 02:08:51, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.3 on subnet 192.168.10.1 for name PROSPERIDENT<1c>
[2013/12/23 02:08:51, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.3 on subnet 192.168.10.1 for name PROSPERIDENT<1c>
[2013/12/23 02:08:52, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.3 on subnet 192.168.10.1 for name PROSPERIDENT<1c>
[2013/12/23 02:08:53, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet UNICAST_SUBNET for name WOLFDENT<20>
[2013/12/23 02:08:53, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.3 on subnet 192.168.10.1 for name PROSPERIDENT<1c>
[2013/12/23 02:08:54, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet UNICAST_SUBNET for name WOLFDENT<20>
[2013/12/23 02:08:56, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet UNICAST_SUBNET for name WOLFDENT<20>
[2013/12/23 02:08:57, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:08:58, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:08:59, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:09:00, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:09:00, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:09:01, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:09:53, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet UNICAST_SUBNET for name WOLFDENT<20>
[2013/12/23 02:09:54, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet UNICAST_SUBNET for name WOLFDENT<20>
[2013/12/23 02:09:56, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet UNICAST_SUBNET for name WOLFDENT<20>
[2013/12/23 02:09:57, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:09:58, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:09:59, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:10:00, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:10:00, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:10:01, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:10:21, 0] ../source3/nmbd/nmbd_incomingrequests.c:172(process_name_refresh_request)
process_name_refresh_request: unicast name registration request received for name JAKETEST-PC<20> from IP 192.168.10.55 on subnet UNICAST_SUBNET.
[2013/12/23 02:10:21, 0] ../source3/nmbd/nmbd_incomingrequests.c:173(process_name_refresh_request)
Error - should be sent to WINS server
[2013/12/23 02:10:21, 0] ../source3/nmbd/nmbd_incomingrequests.c:172(process_name_refresh_request)
process_name_refresh_request: unicast name registration request received for name JAKETEST-PC<00> from IP 192.168.10.55 on subnet UNICAST_SUBNET.
[2013/12/23 02:10:21, 0] ../source3/nmbd/nmbd_incomingrequests.c:173(process_name_refresh_request)
Error - should be sent to WINS server
[2013/12/23 02:10:21, 0] ../source3/nmbd/nmbd_incomingrequests.c:172(process_name_refresh_request)
process_name_refresh_request: unicast name registration request received for name WORKGROUP<00> from IP 192.168.10.55 on subnet UNICAST_SUBNET.
[2013/12/23 02:10:21, 0] ../source3/nmbd/nmbd_incomingrequests.c:173(process_name_refresh_request)
Error - should be sent to WINS server
[2013/12/23 02:10:53, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet UNICAST_SUBNET for name WOLFDENT<20>
[2013/12/23 02:10:54, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet UNICAST_SUBNET for name WOLFDENT<20>
[2013/12/23 02:10:56, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet UNICAST_SUBNET for name WOLFDENT<20>
[2013/12/23 02:10:57, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:10:58, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:10:59, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:11:00, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:11:00, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:11:01, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WOLFDENT<20>
[2013/12/23 02:11:03, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WPAD<00>
[2013/12/23 02:11:04, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WPAD<00>
[2013/12/23 02:11:05, 3] ../source3/nmbd/nmbd_incomingrequests.c:459(process_name_query_request)
process_name_query_request: Name query from 192.168.10.22 on subnet 192.168.10.1 for name WPAD<00> -
above is my wins log
-
Let's assume that your WINS server is running correctly. Have you checked PfSense firewall logs? If you don't see anything there, have you tried using a Windows based WINS server to rule out a problem with your Linux setup? If you were using Windows Server I would tell you to check to see if any host had registered themselves on the server. I guess the same concept applies here, I'm assuming that you checked the server to see if any host had registered and they are not.
disable my firewall on the Windows machines or disable my physical firewall?
I meant just disable the personal firewall (temporarily) on your PC to see if that was causing the issue. I would never recommend disabling your PfSense Firewall unless it was behind another PfSense Firewall and you just wanted to use it as a router.
I believe NetBios uses port(s) 137-139 if you just want to allow these ports.
-
I have copies of Windows sever 2003 , 2008 and 2012. I have tried all of them and they work the same way as my samba server.
I have disabled the firewall on the Windows machines but I dont see anything changing. I have ran wireshark and I see the Windows machine on the remote ( public ) side is broadcasting on /32 netmask and the wins server is not replying to its requests.
-
Why would it be broadcasting anything? The query should be unicast. And is the query getting to your server? You do understand it would be UDP, maybe you only have TCP open on your firewall?
Here is query the query and the answer. You should be able to sniff at your pfsense lan interface and see this for a remote query.
edit: You know this would explain issues with dns as well, if your only allowing tcp traffic? Most dns is udp, sure it can use tcp some times, but its mostly all udp. If your not allow udp traffic - this explains issues with wins and dns.
-
ahh your right about tcp/udp. I will check that now and see what happens . Thanks again.
-
I was able to resolve one name one time… It was random and I did not change any settings during this . I got rid of my Ubuntu WINS and have Server2003RT2 as WINS now.
I simply tried to map one of the servers and it worked. I tried again and it failed..
I have posted my firewall settings , pptp settings , client side settings and wireshark settings . I hope someone can help me solve this.
Thanks again for all the help you've already provided
I am able to do nblookup and ping but get no nslookup.
-
Ok – thanks, but none of that is of any use to be honest.
Your firewall for example -- that 3rd rule is giberish on that tab.. how is lan net a source and pptp clients a dest on the pptp tab? A firewall interfaces are inbound.. so how is lan net going to be a souce of inbound traffic to your pptp interface? Your rules above that are wide open any any so even if that rule was correct it would never be needed or used.
What are you lan rules? You can ping we see.. So what is the point of a wireshark?? Where did you take that wireshark. How about a wireshark on your LAN interface do you see your nblookup or dns? going towards your wins or dns? When created on a pptp client? If you don't see it there, sniff on pptp internface - do you see it there, etc.
What are those IP settings that are blank suppose to tell us? Is this not your pptp connection on the remote client? So show us what it gets after you connect, since I have to assume your set for dhcp - but failed to show us that.
ALSO -- the one thing you did show tht is again wrong is handing out 8.8.8.8 to your pptp clients for dns?? How and the hell do you think googledns is going to resolve your local clients names? So why would you tell you pptp clients hey its ok you use googledns???
The sniff showing 51 snding smb stuff to .2 -- where was that sniffed at, at the client? Or somewhere actually useful like interfaces on pfsense so we can track where the packets get to or don't get too.
-
The third rule is garbage and the 8.8.8.8 google dns was used when I was using the default gateway and was having issues resolving FQDN's.
As for the blank settings , these are the settings that are on the remote side . the PPTP server is telling it where the wins sever is .. do I have to enter it in the WINS setting on the client regardless?
That wireshark was taken from a desktop . When I did a packet scan on the LAN interface using pfsense every single packet came back as TCP and I know this is not even possible . I dont know what the issue is exactly with it.
I will show you more relevant information and hopefully I can figure this out.
-
"every single packet came back as TCP "
It is if that is all your sniffing - did you happen to change your protocol to tcp.
If you did not see the udp packts for your nblookup and were set to sniff any – then maybe there you go, no wonder server never answers if packets never go out the lan interface the server to get answered.
as to settings on remote side -- how about what you a ipconfig /all for the pptp connection?? Blank screen is pointless.
-
I got everything working. I have no idea what I did to get it working but I still don't have what I want. I can now connect to computers using the netbios name but what I really wanted here was to have these computer show up in the network browser..is this possible? I don't know how Windows looks for computers on the local network but I presume it will not use a PPP connection to do this .. even if I force all traffic over the VPN.
Thanks for all your help , I couldn't have done it without.
-
If they are on the same segment they should show up in the browselist, it might just take a while. Who is the master browser for the segment?
And what workgroup are they in? Here is the thing they might have to be connected to the vpn for quite some time until they show up in the browselist.. And if they are not in the same workgroup - whois the master browser for that workgroup and the other workgroup, etc..
If the machine is online for long enough they should show up in the list, because you not routing segments your on the same segment.
-
The VPN connection has an IP 192.168.10.0 and the network I am connecting to is also 192.168.10.0. The LAN IP on my home network is 192.168.5.0. Wouldn't it cause issues if my Home (192.168.5.0) and my VPN (192.168.10.0) are on the same segment?
I may have misunderstood and all you are asking is if the VPN has the same as the network I am connecting to. If that is the question , yes.
I only connected for a few minutes each time , I should let it sit for awhile and see if they show up.
The setup I am using now is different than before. Pfsense is still the firewall but I was using a virtual Windows server 2003 to control DNS and WINS , now I am just running a physical 2012 server . The reason I switched was because I previously was using a Samba fileserver on Ubuntu 12.04 and it was kind of pointless to have both. I could have setup the Ubuntu server as both DNS and WINS but really when I plan on running 50 or so machines in the virtual server I think server 2012 is better suited.
Thanks again
