Re: [Openvpn-users] Cannot browse private network

  Subject: Re: [Openvpn-users] Cannot browse private network
  From: John Locke
  Date: Mon, 26 Jan 2004 08:28:29 -0800

Well, I haven't administered Windows domains, though I know a little
about what's involved.

First of all, to get Windows networking to work across subnets, you need
to run a WINS server, and get all computers to use this. I believe if
you're set up as a domain (rather than a workgroup), you also need to
use WINS, so this is probably already set up.

If you're running a Windows domain, your computer needs an account on
the domain, and needs to "join" it to be able to authenticate to the
domain and do network browsing. I don't think you can join a domain over
a VPN connection (at least not a routed connection), because it happens
before you log in. But I think if your remote computer is already part
of the domain, and doesn't leave it (by joining a different domain or
switching to Workgroup mode), you should be able to access domain
resources over the VPN. So you need to physically plug into the LAN,
successfully join the computer to the domain, and then you should be
able to use OpenVPN successfully to browse the network (as long as WINS
is set up correctly).

If you're not running a Windows domain, you just need to set up a WINS
server (Samba makes this easy) and set all the computers to use the WINS
server, including your remote one.

The main problem you're going to have is if you need to connect to more
than one domain, or if you switch between domain and workgroup modes.

Now, to contradict myself, if you run OpenVPN as a service, and connect
to a bridged tap device, maybe you can join the domain from a remote
location? Perhaps this will get you successfully connected, and then you
can switch back to a routed tun configuration.

Hope that helps. I could be wrong about any of this, but at least it
gives you a few things to look at...

John Locke
Open Source solutions for small business problems

On Mon, 2004-01-26 at 04:34, Miguel Lima wrote:
> John,
> First of all, i'd like to thank you. I've done exactly what you told me to
> do, but I still cannot browse the domain. When I try to map a shared folder
> it works fine, but I did not feel the advantages mentioned on the mini-HOWTO
> of  TAP devices. Until now I'd rather work with the TUN devices wich
> configuration is easier and there is no broadcasts on the network . Do you
> have any comments to do about ?
> Miguel Lima

