I've got a question for all you networking gurus out there:

I have a wireless router (Netgear MR814) that's connected directly to another LAN (in this specific case, a campus LAN). In order to access files on another computer on the campus, we usually just type: \\server\...\*.* into the IE window. Since I'm connected to the router instead of the network, when I do this it is unable to find any known server on the network. What I think is happening is the router is looking for that server on its own "internal" LAN instead of the campus LAN. Is there any setting to get around this, or will I simply have to bypass the router and connect directly to the LAN in order to access any of those servers?

Thanks in advance!

When you go to the "network neighborhood" what domains/workgroups/computers do you see both when wired into the LAN and when connected via the wireless router.

It could be that your campus is using the NETBEUI protocol exclusively to broadcast server names. If so, you won't see those names on the other side of most routers unless the router knows about a DNS or WINS server that is able to provide the server name IP address.

When you go to the "network neighborhood" what domains/workgroups/computers do you see both when wired into the LAN and when connected via the wireless router.

It could be that your campus is using the NETBEUI protocol exclusively to broadcast server names. If so, you won't see those names on the other side of most routers unless the router knows about a DNS or WINS server that is able to provide the server name IP address.

Rich - when I use the router, "MSHome" workgroup comes up (The default network which microsoft uses to describe all devices attached to the router). Interestingly enough, without the router, nothing except MSHome comes up, unless I type in a known server such as \\jacksoncomputer . When I do that, the workgroup that computer belongs to comes up, and so do all the members of that workgroup. Does this help you any in diagnosing the problem?

Also you may be able to create an LMHOSTS file on your computer to resolve NETBIOS server names to IP addresses.

Look at the text file LMHOSTS.SAM in the

system32/drivers/etc folder in your system root directory (usually WINDOWS or WINNT)

This file show you how to set up a static LMHOSTS file. The problem here is that you need to know the IP Address of each server, and if and when an address changes, you have to edit this LMHOSTS file

Rich - when I use the router, "MSHome" workgroup comes up (The default network which microsoft uses to describe all devices attached to the router). Interestingly enough, without the router, nothing except MSHome comes up, unless I type in a known server such as \\jacksoncomputer . When I do that, the workgroup that computer belongs to comes up, and so do all the members of that workgroup. Does this help you any in diagnosing the problem?

OK, it sounds like your campus LAN is cloaking NETBIOS names or otherwise firewalling them.

I wrote the previous message about LMHOSTS while you were also responidng.

The pragmatic way to resolve this is to create the LMHOSTS file. This will tell your computer that \\JACKSONCOMPUTER is the equivalent to typing in the IP address. Your Campus LAN administrator may already have a LMHOSTS file available for you to use.

Also you should make sure you can actually access the LAN servers through the router. You might not be able to this as a part of the LAN security if rthe servers are part of the campus INTRANET only. (Though the LAN port you connect your router to should, in all liklihood, give you INTRANET access)

To test for sure, do http://xxx.xxx.xxx.xxx/etc... where xxx.xxx.xxx.xxx is the IP address for JACKSONCOMPUTER

Does your router assign you a private dhcp address? (192.168....)

I doubt it issued a wins server address. This could be the problem. Do you get a wins server when you plugged directly into the campus network?

Another theory the dhcp server running on your router didn't issue a domain name that is the same as your campuses.

Netbeui could also be the issue (who uses this crap protocol any more!). Netbeui is a non-routable protocol.

Suggestions post an ipconfig /all when on the campus network and when on the private wireless lan.

Another suggestion is that some routers allow you to define one address as the default for all incoming connections. You could try to add the address of your pc into it and turn it on. My Linksys call is a DMZ host.

"Netbeui could also be the issue (who uses this crap protocol any more!). Netbeui is a non-routable protocol."

It does have one advantage. Since it is non-routable, it can provide a level of security for intranets compared with NETBIOS over TCP/IP. However, I agree it is also a crappy protocol, which is why it no longer is installed as a protocol in a default Windows XP setup.

After talking with the helpdesk staff, they told me to set the WINS server to theirs under the TCP/IP advanced settings for the wireless connection. This failed to work, but apparently people have gotten it to work. Yes, the router issues a private IP address to each computer connected to it.

Windows IP Configuration (with wireless router)



Host Name . . . . . . . . . . . . : SULLIM4-T30

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : rpi.edu



Ethernet adapter Wireless Network Connection:



Connection-specific DNS Suffix . : Workgroup

Description . . . . . . . . . . . : High Rate Wireless LAN Mini-PCI Adapter with Modem II

Physical Address. . . . . . . . . : 00-05-3C-03-E8-D9

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.2

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 128.113.161.3

128.113.1.5

Primary WINS Server . . . . . . . : 128.113.172.123

Lease Obtained. . . . . . . . . . : Wednesday, October 01, 2003 1:14:44 PM

Lease Expires . . . . . . . . . . : Saturday, October 04, 2003 1:14:44 PM





Windows IP Configuration (With campus hardwired connection)



Host Name . . . . . . . . . . . . : SULLIM4-T30

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : dynamic.rpi.edu

Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 00-09-6B-90-43-C4

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : ---.---.---.--- (Not 192.168.0.1... edited for safety)

Subnet Mask . . . . . . . . . . . : 255.255.248.0

Default Gateway . . . . . . . . . : 128.113.144.254

DHCP Server . . . . . . . . . . . : 128.113.172.123

DNS Servers . . . . . . . . . . . : 128.113.28.67

128.113.26.77

Primary WINS Server . . . . . . . : 128.113.172.123

Lease Obtained. . . . . . . . . . : Wednesday, October 01, 2003 1:23:27 PM

Lease Expires . . . . . . . . . . : Wednesday, October 01, 2003 1:53:27 PM



Does this help anyone?

Well it could be that your router can't forward WINS requests properly. I am not familiar with your particular model, but I know people have had problems with WINS resolution on some models of Netgear routers.

But do this to make sure your workstation is using TCP for NETBIOS inquiries.

1. Go to your Local Area Connection in the control panel and right-click to get the properties window.
2. In the properties window, highlight "Ineternet Protocol (TCP/IP" and click the Properties bar just below it.
3. When the TCP/IP properties window comes up. Click on the WINS Tab.
4. Make sure that the radio button is picked which says "Enable NETBIOS over TCP/IP".

Note: This last window is also where you go to enable LMHOST lookups using an LMHOSTS file as I explained earler - an alternative to trying to use a WINS Server.

You might also try to contact Netgear Support.

"IP Address. . . . . . . . . . . . : ---.---.---.--- (Not 192.168.0.1... edited for safety)"

Doesn't matter too much because you are likely to get a different one every half hour. But if it isn't in the 128.113.---.--- address space, let me know.

I checked over those settings you mentioned Rich and they didn't make any difference. That IP is in the 128.113.---.--- space.... so it looks like Netgear support is my last option here.

I'll see what I can find out as well. Not doing much today anyway and its a good learnign experience for me also.

How do you like Troy? When I was an engineering manager for a supercomputer company, I used to recruit enegineers from RPI.

They also are doing some work in nanotechnology whcih I find fascinating.

I really love it here at RPI. Ironically enough I'm a computer science major, so I should know enough about this stuff, but unfortunately my knowledge is limited to C, C++, and a bit of Pascal; just started learning about WIN APIs and UNIX system calls in my operating systems class. Troy is of course Troy... already starting to get sub-40 degree nights here, although hockey season is coming up, so that'll nullify Troy's evil weather patterns.

Just thought of one thing that might help you diagnose the problem:

In order to connect to the campus network when you're off campus, or when you're connected to the University's wifi, you need to use their Cisco VPN dialer. I've tried this, and it allows me access to the campus Samba server (i.e. my network drive), but it still cannot find any other computer connected to the residential network. Without using the dialer, I am unable to connect to Samba even though I am on campus.

Just for kicks, try adding another Microsoft protocol to your LAN connection:

Add:
NWLink IPX/SPX/NetBIOS

You can always remove it if it doesn't solve the problem.

A couple of other questions.

Is your workstation using Win2k or WinXP?

What network components do you have installed on the workstation?

I've got an IBM Thinkpad T30 that's running XP Professional. I have exactly what came with the laptop - a 10/100 ethernet card as well as an 802.11b built-in wifi card. The wifi card has worked fine at home (using the same model router, but connected to cable modem) as well as with the RPI wireless network. Just not when it's trying to access computers on the LAN that the router connects to.

Here is a suggestions from Netgears manual.

http://www.netgear.com/docs/mr814/wwhelp/wwhimpl/js/html/wwhelp.htm

Use the Port Forwarding menu to configure the router to forward incoming protocols to computers on your local network. In addition to servers for specific applications, you can also specify a Default DMZ Server to which all other incoming protocols are forwarded. The DMZ Server is configured in the Security Menu.

Here is a suggestions from Netgears manual.

http://www.netgear.com/docs/mr814/wwhelp/wwhimpl/js/html/wwhelp.htm

Use the Port Forwarding menu to configure the router to forward incoming protocols to computers on your local network. In addition to servers for specific applications, you can also specify a Default DMZ Server to which all other incoming protocols are forwarded. The DMZ Server is configured in the Security Menu.

BINGO! I thought I tried this before, and when I did it wouldn't allow any access to the wireless portion of the network, but defining the DMZ server to my laptop's IP address worked like a charm. Anybody know why this works?

Probably because connections initiated from the campus network cannot reach your PC unless you DMZ your machine. Allows better two way connectivity. Of course, this increase the risk to your computer from worms, etc... So, be sure to have your patches up-to-date and run a software firewall and antivirus.

Yeah, but now you don't get the benefits of using your firewall....i.e. it doesn't protect you if you're on the DMZ.

You still haven't fixed the problem.

It's possible your router is blocking NETBIOS, port 139 I think. They are probably just using simple filesharing.

Have you checked your firewall logs to see when traffic is being denied/blocked?

Are you using a personal firewall preventing file sharing access or NETBIOS?

Its possibel that he is still somewhat protected by RPI's firewall scheme (but possibly not from other campus nodes)

A good test of security is to go to www.grc.com and run Gibsons port scanner "shields up" test.

I use Zone Alarm on my PC because my machine has a fixed legitimate IP address. I get scanned or pinged about every 40 secs from systems all over the world.

From the Internet, yes, but not from the internal network (which could be riskier).

The use of a router AND personal firewall will be the best level of protection you can get affordably.

"... which could be riskier"

from college students? Naw! :) :)

"I really love it here at RPI. Ironically enough I'm a computer science major, so I should know enough about this stuff, but unfortunately my knowledge is limited to C, C++, and a bit of Pascal"

Damn spoiled youth of today! When I was your age we had to do everything in machine language... and toggle it in through console switches! :)

Being in Troy, you still probably have to walk to school in the snow, however!

Enjoy college life. Have fun... but visit the library too!

Thanks for the additional responses all.

I tried unblocking port 139, but that didn't work... only making it the DMZ server acutally has allowed me to share files. I'll research this a bit further to see exactly which ports we use on campus to fileshare.

Heh machine language... we got into IA32 assembly last semester, and it really wasn't too bad understanding it. But to program like that full time... I guess I am really lucky!

A quick update:

I found out that Windows 2000 and later puts NETBIOS traffic on port 485, while 9X/ME puts it on the trio of 137-138-139. I've been able to simply enable port forwarding for port 485 and dump the DMZ server, which allows me to enjoy the benefits of filesharing. Thanks all!