Configure VPN sites to pass Microsoft NetBIOS broadcast traffic
10/14/2021 840 People found this article helpful 394,739 Views
Description
Some Microsoft networking environments rely heavily on broadcasts to advertise and locate network resources (servers, print devices, etc). By default, SonicWall devices are configured to not pass these Microsoft NetBIOS broadcasts across VPN tunnels. In this article, we will detail how to configure SonicOS to pass these broadcasts across the VPN tunnel bidirectionally. Please note this may increase traffic in some environments.
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
Configure both sites to pass Microsoft NetBIOS broadcast traffic
- Go to the Network| IPSec VPN | Rules and Settings page.
- Click on the Configure icon next to the VPN policy you previously created.
- On the pop-up that appears, go to the Advanced tab and check the box next to 'Enable Windows Networking (NetBIOS) Broadcast’.
- When done, click on the ‘OK’ button to save and activate the change. For an example, see screenshot below.
- Then, navigate to Network |System | IP Helper page.
- Enable the box next to ‘Enable IP Helper’.
- Make sure the ‘Enable DHCP Support’ is disabled (unless you are using this feature)
- Check the box next to NetBIOS (in older versions this option would be called ‘Enable NetBIOS Support’).
How to Test:
From a host behind one of the SonicWalls, ping a host on the other side of the VPN by it's NetBIOS name. Before testing make sure the host you are trying from and the host being accessed has NetBIOS enabled in their NIC.
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
Configure both sites to pass Microsoft NetBIOS broadcast traffic:
- Go to the Manage tab.
- Click VPN | Base Settings.
- Click on the Configure icon next to the VPN policy you previously created.
- On the pop-up that appears, go to the Advanced tab and check the box next to 'Enable Windows Networking (NetBIOS) Broadcast’.
- When done, click on the ‘OK’ button to save and activate the change. For example, see screenshot below.
- Then, go to the Network | IP Helper page.
- Check the box next to Enable IP Helper.
- Make sure the box next to Enable DHCP Support is unchecked (unless you are using this feature)
- Check the box next to NetBIOS (in older versions this option would be called ‘Enable NetBIOS Support’).
You will notice that there will be an autocreated IP Helper Policy listed as a result of the previous step’s configuration. When done, click on the Apply button in the upper-right-handcorner to save and activate the change.
How to Test:
From a host behind one of the SonicWalls, ping a host on the other side of the VPN by it's NetBIOS name. Before testing make sure the host you are trying from and the host being accessed has NetBIOS enabled in their NIC.
Resolution for SonicOS 6.2 and Below
The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.
Configure both sites to pass Microsoft NetBIOS broadcast traffic:
- Go to the VPN | Settings page
- Click on the Configure icon next to the VPN policy you previously created.
- On the pop-up that appears, go to the Advanced tab and check the box next to 'Enable Windows Networking (NetBIOS) Broadcast’.
- When done, click on the ‘OK’ button to save and activate the change. For an example, see screenshot below.
- Then, go to the ‘Network | IP Helper’ page.
- Check the box next to ‘Enable IP Helper’
- Make sure the box next to ‘Enable DHCP Support’ is unchecked (unless you are using this feature)
- Check the box next to NetBIOS (in older versions this option would be called ‘Enable NetBIOS Support’).
You will notice that there will be an autocreated IP Helper Policy listed as a result of the previous step’s configuration. When done, click on the Apply button in the upper-right-handcorner to save and activate the change.
How to Test:
From a host behind one of the SonicWalls, ping a host on the other side of the VPN by it's NetBIOS name. Before testing make sure the host you are trying from and the host being accessed has NetBIOS enabled in their NIC.
Related Articles
Categories