cant resolve server by DNS when connecting using PPTP VPN

[guest]

client = windows 7 64 bit

server = sbs 2011

I am connecting to my server using PPTP VPN tunnel. I am able to connect ok. Once I connect my default gateway shows 0.0.0.0 for the PPP Adapter. (VPN)

I am able to ping my server by ip address, FQDN but not NETBIOS DNS.

I am also unable to map network drive, etc, ..

Can you help?

[guest]

From your description, I notice the issue you are experiencing is: unable to access the share on SBS 2011 server when Windows 7 client connected via VPN. We will be working together to solve this issue, so please feel free to let me know if I have misunderstood anything.

Based on the information you posted, I would like to provide some suggestions below to narrow down this issue:

Suggestion 1
==========
Check the DNS setting on the SBS 2011 server, make sure the DNS is point to the IP of SBS 2011 server.

Suggestion 2
==========
Disable TCP Chimney Offload, RSS and NetDMA

If the issue persists, please follow KB 951037 to disable TCP Chimney Offload, RSS and NetDMA on the SBS 2011 box:

"Information about the TCP Chimney Offload, Receive Side Scaling, and Network Direct Memory Access features in Windows Server 2008"
http://support.microsoft.com/default.as ... -US;951037

I also list the following article for your reference:

“Information about the TCP Chimney Offload, Receive Side Scaling, and Network Direct Memory Access features in Windows Server 2008”
http://support.microsoft.com/default.as ... -US;951037

Suggestion 3
==========
Disable SMB digital signing on the server and the client.

Digital signing is useful in man-in-the-middle attack and for LAN users we can disable it and try the issue again. We can do this through Group Policy:

1. On the SBS 2011 box, open Group Policy Management and edit the Default Domain Policy and Default Domain Controller Policy.
2. On the Group Policy Object Editor, expand Computer Configuration->Policies->Windows Settings->Security Settings->Local Options.
3. On the right pane, please set the following settings:
a) Microsoft network client: Digitally sign communications (always) --> Disable
b) Microsoft network client: Digitally sign communications (if server agrees) --> Enable
c) Microsoft network server: Digitally sign communications (always) --> Disable
d) Microsoft network server: Digitally sign communications (if client agrees) --> Enable
4. Close group policy editor and run gpupdate /force on both the DC side and the Client side to refresh the policy.

SMB signing can also be set in Registry:
1. Run regedit to open Registry
2. Expand to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters
3. Check the value of "enablesecuritysignature" and "requiresecuritysignature" and set both to 0.
4. Expand to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters
5. Check the value of "enablesecuritysignature" and "requiresecuritysignature" and set both to 0.

Please note: group policy takes precedence of registry. If you have set SMB signing both in Group Policy and Registry, the settings in Group Policy will take effect.

I have included the following article for your reference:

"Overview of Server Message Block signing”
http://support.microsoft.com/kb/887429

Suggestion 4
==========
Uncheck the box on the PPP adapter properties "Use default gateway on remote network". And then add the domain name domainname.local of the server in "DNS suffix to this connection" on the PPP adapter.