VPN and netbios name

Discussion in 'Cisco' started by mmccaws, Mar 24, 2005.

  1. mmccaws

    mmccaws Guest

    Does either of cisco's VPN refuses authentication based on computer's
    netbios name? Does it check netbios name against wins or DNS?

    mmccaws, Mar 24, 2005
    1. Advertisements

  2. :Does either of cisco's VPN refuses authentication based on computer's
    :netbios name?

    I'm not sure what you mean by "either" of Cisco's VPN ?

    : Does it check netbios name against wins or DNS?

    I'm not sure of the context, but I think the answer you are
    looking for is NO, the VPN client does not pass the NETBIOS name
    for authentication.

    I'm not even sure how one -could- check a NETBIOS name against
    DNS, considering that they serve completely different purposes.
    Walter Roberson, Mar 24, 2005
    1. Advertisements

  3. mmccaws

    mmccaws Guest

    The difficulty lies in that MS ip stack will resolve to WINS if it
    doesn't resolve at a dns server. And WINS is not domain specific.

    So the scenario is you have a user or vendor authenticate to your VPN
    server. Your network runs WINS. The user has a netbios name that just
    happens to have the same host name as one of your non netbios servers.
    Your user's on windows xp and due to the fact that MS IP stack can
    adjust resolving order at will and with SP updates, it chooses to which
    ever service is more reliable it's chosen WINS instead of dns. Some of
    your clients could get timed out on a service they are trying to access
    because WINS is providing a resolved name which is different than the
    DNS name. This scenario can happen if you don't properly configure the
    global profiles DNS options.

    Actually what I saw was a lan admin saying that there was a computer
    responding to ping that had the same name, sheer coincidence, that she
    was assigning to a new computer. That name she ran into was a given by
    wins, dns didn't have it. But because winxp ip stack will try wins if
    it can't resolve it by dns, and that is true when you don't use a fqdn
    or a host name less than I beleive 15 characters, it use nbns or WINS.
    So she was using ping and it responded not knowing MS would use wins.

    To avoid really unfathomable problems and arguments, it would be nice
    to have that feature of ensureing no repeated netbios names. Most
    would argue, why bother AD doesn't need WINS. True, Exchange 2003 does
    if its going to work with more than one type of client.

    Any suggestions.

    Dave Smey
    mmccaws, Mar 25, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.