Cannot connect to local network shares when connected to VPN. Error: "the user name could not be found"

Setup UseRasCredentials=0 as discribed here: https://www.conetrix.com/Blog/post/Access-Domain-Resources-When-Connected-to-VPN.aspx

With some VPN setups, it is required that you go through the VPN gateway. That is how they maintain a safer network environment by not allowing you to download stuff from potentially threatening sites.

If you have a lax VPN setup, you can also uncheck the box that uses the VPN's default gateway, so any requests first hit your gateway (and domain dns) before hitting the VPN's gateway and DNS.

• In Windows 7, I click the network icon to view my connections, right-click the VPN and choose 'Properties.'
• Next, click the 'networking' tab.
• for each IPv6 and IPv4 (if they are enabled), double click the item, click 'advanced,' then uncheck the 'Use default gateway on remote network' checkbox. Click OK twice and follow the steps for the remaining IP versions.

Disconnect and reconnect to the VPN, if you had it active.

If you notice any connectivity issues, reenable the default gateways. As I said previously, the VPN may require this to be enabled.

Does your DNS server for VPN clients is the same as DNS server for Lan clients?

I think your problem is that the VPN clients use their DNS server from ISP, not from your VPN's DNS. You can make the VPN client use VPN's DNS by this step:

• Find this registry key:

  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Linkage

• Double click Bind

• Move "\Device\NdisWanIp" item to top os the list

• Restart client.

or use simple reg file:

%systemroot%\system32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Linkage /f /v Bind /t REG_MULTI_SZ /d \Device\NdisWanIp\0...

Remember backup your registry before doing anything in it.

Change the binding order so that your physical NIC is higher than your VPN interface. You may have to manually (or via script) poke things around further, depending on what the VPN software does.

I had a similar issue where DNS resolved, but could not ping or tracert the IP. The way I solved my problem was by re-checking the IP settings on the server. Turns out it did not have a default gateway and setting it resolved the issue.

If you are only not able to connect to the share using the "short" name, IE NetBIOS name, then I would recommend using a WINS server as it will allow you to resolve NetBIOS names over the VPN, as long as your VPN adapter allows you to specify a WINS server. For me, I have our internal AD DNS server also configured as a WINS server and our VPN server (Sonicwall) publishes both a DNS and WINS server to our VPN clients. With this configuration we are able to resolve both the NetBIOS names as well as the FQDN.

The other thing you can do is change your DNS suffices in the advance TCP properties on your network adapter. This will have your Name resolution of short names:

1. WINS
2. DNS using suffix 1
3. DNS using suffix 2
4. DNS using suffix N

Hope that helps

I think you need to set the firewall to use the PDC as its DNS so that it gives out that DNS server to the VPN clients. Or you could forward VPN requests to the PDC and make it a RAS server to use SSTP so that the clients are definitely going to have a consistent experience regarding DNS whether on VPN or LAN.

If you can PING the remote destination - (try using ip / or its dns name).

I had to delete all existing network drives by using the following command from command prompt: net use * /delete Then I rebooted the computer, connected to the vpn and mapped the network drive again using different credentials- and voilà, it works!

I found I had to reset the password and do an unlock for the user's account from within users and accounts on the server.

The workstation does not show credentials for domain accounts.

The password was somehow saved incorrectly for the user when the user logged in with an incorrect password.

Changing the password cleared out the cache and all is working.