Re: [m0n0wall] PPTP VPN server in a MS WorkGroup environment

From:	Mark Wass <mark dot wass at gmail dot com>
To:	thomas dot serra at bluewin dot ch
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] PPTP VPN server in a MS WorkGroup environment
Date:	Sat, 26 Nov 2005 06:03:31 +1000
Hi Tom

One small issue I had was DNS resolution. For example, a user at home 
creates a PPTP VPN into work and then wants to go to an internal website 
(say an intranet).

The user would type the address into the browser 
(http://mywork.intranet.com) and it would not resolve. One way to combat 
this was to manually enter DNS entries into the windows hosts file on 
all remote PC's (not a great idea) or to add DNS entries to the DNS 
forwarder on m0n0 and make a slight adjustment to a registry setting on 
each remote clients pc.

The registry modification simply re-arranges the order of DNS resolution.

It's based of this microsoft article - 
http://support.microsoft.com/default.aspx?scid=kb;en-us;311218

Here are the simple steps to modify the registry entry. This was also 
posted here

http://www.m0n0.ch/wall/list/showmsg.php?id=180/62

1.Click Start, click Run, type regedit32 in the Open box, and then click OK.

2.Click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Linkage

3.In the right pane, double-click Bind.

4.In the Value data box, select the "\Device\NdisWanIp" item, press CTRL+X, click the top of the
list of devices, and then press CTRL+V. 

5.Click OK, and then quit Registry Editor.

Once you have completed this, when a remote hostlogs in they use m0n0 to resolve IP addresses.

I hope my little tid bit helps



thomas dot serra at bluewin dot ch wrote:

>Hi all,
>
>I'm planning to use m0n0wall as a PPTP VPN and FireWall solution for our
>small firm. Our office network is a MS-WorkGroup composed of 9 Windows XP
>machines.
>
>All machines in the WorkGroup contain the same 9 entries user base. All the
>machines are identical.
>
>Every week-end I'll will have around 6 users VPN connecting simultaneously
>to the network and accessing their desktop machine via MS Remote Desktop.
>
>I'm planning to use a WRAP from PC-Engines.
>
>My questions are the following:
>
>- Is the WRAP fast enough or shall I need a crypto card?
>  Should I prefer a PC?
>
>- Are there any bottle necks or special problems I should be attentive to?
>
>I had a very interesting answer from Mark Wass telling me about some issues
>I could face : http://m0n0.ch/wall/list/showmsg.php?id=222/34
>
>Did anyone face particular problems using m0n0wall as a PPTP VPN server in
>a MS WorkGroup environment? 
>
>Before starting with m0n0wall I'd like to be sure about the right hardware
>to use, and some possible problems I could face in a Microsoft environment.
>
>Thanks in advance for your help, suggestions, warnings and advises.
>
>Regards,
>
>Tom.
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
>  
>