SAMBA WINS Server + IPsec SIte to Site VPN = Browsing Service Not Work

  1. Posts : 9
    Windows 10

    SAMBA WINS Server + IPsec SIte to Site VPN = Browsing Service Not Work

    I have setup a Site-to-Site VPN using Sophos UTM at each end. I set up an Ubuntu VM as a WINS Server using Samba.

    So far so good. VPN Works.

    My problem is with the WINS Server. I have taken two Windows 10 computers and for both of them added the IP of the WINS server under Advanced TCP/IP Settings and changed NetBIOS to Enable NetBIOS over TCP/IP.

    The results are close but not quite right. The two computers with the modified settings can now ping each other using computer name rather than IP. Other computers on each end of the VPN can not do that.

    That said neither computer shows up in the Networks of the other. This is what I am trying to fix.

    It appears that name resolution is working for the computers that check in with the WINS server but that the Windows 10 browsing service is not adding those computers to the network.

    The LANs are and the WINS server is on and it comes back as __MSBROWSE__ for that network. For the computer that connects to the WINS server is showing __MSBROWSE__ when I check with nbtstat.

    When I check services Computer Browser is running.

    Can someone help me or at least point me in the right direction? This really shouldn't be this hard so I feel like I'm missing something obvious.
      My Computer

  2. Posts : 9,777
    Mac OS Catalina

    VPN will only work for outside the network, not meant for connections inside the network.
    Last edited by bro67; 17 Aug 2016 at 16:19.
      My Computer

  3. Posts : 9
    Windows 10
    Thread Starter

    Either you didn't understand the question or that response makes no sense. This is a site-to-site VPN connecting two networks. The issue of cross-subnet browsing is a well known problem.

    Anyway in case anyone comes looking changing the WINS node type to H-Node fixed the problem on subnet that does not have the WINS server.

    For the subnet that has the WINS server the browsing service has not yet added the other subnets computers but I am making progress.

    I think a more elegant solution would be to have another machine running at the other end and I might go that way yet as I found a couple of tutorials on that method but for now I'm trying to do it with every computer reporting to just the one WINS server on one subnet.
      My Computer

  4. Posts : 9,777
    Mac OS Catalina

    Nothing to state differently. See my post above. If the networks are outside of your house, you need to use a standard VPN like Open VPN. What you are trying to do is set up a Domain and use it in the wrong way. If the networks are behind the same modem, it still will not work, because VPN's are meant for outside across the Intranet.
      My Computer

  5. Posts : 9
    Windows 10
    Thread Starter

    My post says I have a site-to-site VPN setup that works and that even name resolving works -- my problem is just getting the browsing service to work across subnets.
      My Computer

  6. Posts : 9,777
    Mac OS Catalina

    Site to Site will not work with using Ubuntu or any distro as a VM. Use a Headless server running Open VPN. Browsing Services is going to be a little harder if there is a firewall on either side that is blocking.

    If you want to work in fixing the SAMBA problem, download Webmin and use it to make the changes. You are also using a Domain setup, so that means that you may want to look at using an alternative like NethServer or Zentyal, that gives you the proper backend for handling Domain and VPN. The easier is going to be NethServer. The stronger one if you are going to be sharing Windows mail, etc, would be Zentyal.
      My Computer

  7. Posts : 9
    Windows 10
    Thread Starter

    I'm not using Ubuntu -- I'm using two Sophos UTMs with IPsec.

    The Ubuntu VM is for a local webserver but I figured it could take on the extra duties of being a WINS server.

    The cross-subnet browsing is now working sporadically on one subnet which confirms it is possible I'm just trying to figure out why it is sporadic and why only on one of the subnets.

    As it currently stands the WINS server is on and when browsing can see all the computers on and but computers on can only see computers on Name resolution works for all computers on both subnets including across subnets which means that WINS is working but browsing is not.
      My Computer

  8. Posts : 9,777
    Mac OS Catalina

    What are the logs showing, along with the Firewall? Is it showing that the Keep Alive is being dropped on the main side, or remote location? Also is the firewall for Sophos and for the other machine handling the VPN properly? IPSec in itself has had some issues for a long time. Going from a 10.x.x.x/8 to a 192.x.x.x/32 can cause problems if the VPN is not set up properly. You may want to check the Sophos forums to see if anyone else is having this same problem.

    Wins is mainly used for Domains, should not be a problem with a VPN.
      My Computer


  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 13:31.
Find Us

Windows 10 Forums