Hi all,

Before I go any further I need to make it clear that LMHOSTS, WINS or DNS is not a workable solution for us.

I'm in the process of upgrading 3 sites from 2920s to 2960s for the increased VPN throughput. Everything has been going fine until I came to getting NetBios working over the VPN. The 2960 has no "Allow NetBIOS pass thru" option and from the syslog monitoring I've done the packets are not being blocked by the firewall either.

So my question is; How do I get this amazing piece of kit to replicate something that was incredibly easy to configure on the 2920 ?

Can you not create a firewall rule VPN to VPN for netbois to pass immediately?
I think you'd need to allow ports 137 139 and 150 but could be wrong

I've tried that.
I've got rules in place for both directions but I am never seeing syslog entries that the rules are being applied.

what if you try WAN in the form to instead of VPN?

Is the default Block NetBIOS>DNS rules in place or have you removed that?

> mngt defen
Usage:: defenseworm [?|on|off|add port|del port|viewlog|clearlog]
Defense Worm Packet Out is OFF!!
Block TCP port list: 135, 137, 138, 139, 445

Oo I'll check that out.

I've swapped from PPTP to IPSec in the hope that would fix my problem. It didn't but it did highlight that the fraggle block protection was cutting in for some of the packets. I tried disabling all DOS protection just to test but it didn't resolve the issue.

I'll try your suggestions tomorrow, I've got to do some "real work" before the world ends ;)