ActiveSync Over VPN?

G

Guest

Guest
Archived from groups: microsoft.public.pocketpc,microsoft.public.pocketpc.activesync (More info?)

Hi,

I have two networks set up:

NETWORK#1: 192.168.0.0/24
NETWORK#2: 192.168.1.0/24

There is a Point-2-Point T1 between the two networks. Any computer on a
network can ping any computer on the other network.

There is a computer on NETWORK#2 named S12. I want to sync my Pocket PC
(Samsung i700) with S12. Here are two ways that currently DO work:

1) I can place the PPC in a cradle that is attached to S12 via USB. The
sync works properly.
2) I can insert my WiFi card into the PPC and connect to NETWORK2's
wireless network. The sync works properly over IP.

Here's what I CANNOT do:

- Connect to Network#1 via VPN and sync with S12 over IP.

The problem is NOT connectivity or routing-related. I know this because:

- I can connect to the NETWORK#1 VPN via the PPC and establish a
terminal session with S12.
- I can ping the PPC from S12 while the VPN connection is alive.

The only thing I *can't* do is ActiveSync over the VPN. The connection
is never established. It always fails. Any *other* IP interaction between
S12 and the pocket PC (over the VPN) works just fine. I'm not sure what's
wrong. Once the VPN connection is established, there are no firewalls in
place that should be blocking this type of activity. Any ideas?

Sal
 
G

Guest

Guest
Archived from groups: microsoft.public.pocketpc,microsoft.public.pocketpc.activesync (More info?)

_if_ you can ping these addresses, try pockethost and set up a
relationship between the two windows computer names and their ip
addresses, then you should be able to sync _without_ vpn.

Once you get pockethost setup, open activesync tools/options and check
the remote box plus assure that they appropriate computer name shows in
the box.

Beverly Howard [MS MVP-Mobile Devices]
 
G

Guest

Guest
Archived from groups: microsoft.public.pocketpc,microsoft.public.pocketpc.activesync (More info?)

Hi Beverly,

Thanks for the response. Excuse my ignorance, I'm very new to this.

What exactly is PocketHost? The relationship between computer names and
their IP is handled by my DNS server (isn't it?). Why would I need another
mechanism to map names to IPs? I seem to be able to connect to *other* IP
services on my desktop (i.e. Terminal Server, ping, etc.), so name
resolution doesn't seem to be the root of the problem -- but then again,
looks can be deceiving.

Why do you say that I'd be able to sync *without* a VPN? The desktop I
am syncing with has an internal IP address. It is behind a firewall. As far
as I know, the only way to reach it from the external world is to use a VPN
tunnel.

David

"Beverly Howard [Ms-MVP/MobileDev]" <BevNoSpamBevHoward.com> wrote in
message news:unYP$sNpEHA.3876@TK2MSFTNGP15.phx.gbl...
> _if_ you can ping these addresses, try pockethost and set up a
> relationship between the two windows computer names and their ip
> addresses, then you should be able to sync _without_ vpn.
>
> Once you get pockethost setup, open activesync tools/options and check
> the remote box plus assure that they appropriate computer name shows in
> the box.
>
> Beverly Howard [MS MVP-Mobile Devices]
>
 
G

Guest

Guest
Archived from groups: microsoft.public.pocketpc,microsoft.public.pocketpc.activesync (More info?)

Just to follow up. I did a search on PocketHosts, installed it, and now I
can form a connection to the desktop for syncing. The problem is, the sync
never takes place. Here's what I see:

On the desktop: "Guest": Connected:
On the PPC: Connecting...

It's as if the connection never took place.

David
 
G

Guest

Guest
Archived from groups: microsoft.public.pocketpc,microsoft.public.pocketpc.activesync (More info?)

Here's the solution in case anyone else is interested:

For reasons known only to Microsoft, when the PPC ActiveSync client
tries to resolve the IP address of the desktop machine, it doesn't use DNS
[like every single other network application]. Instead, it uses some old
name resolution technology called Netbios. Netbios performs name resolution
using broadcasts. This explains why:
1) I was able to resolve the IP address of the desktop when connected
via WiFi to Network#2 and
2) I was NOT able to resolve the IP address of the desktop when
connectied via VPN to Network#1.

In order to use Netbios to resolve the IP address of a machine that's
NOT on your local network, a WINS server must be used. I installed the WINS
service on one of the servers on Network#1 and pointed to that WINS server
in the VPN settings on my PPC. I then entered a static WINS entry for S12
(my desktop) into the WINS database.

That fixed the problem. I can now run ActiveSync over a VPN (over
Verizon's cellular network) just as easily as I do via WiFi or USB.

Other posts have suggested that the name resolution problem could more
easily be solved by using an application called "PocketHost" which creates
the equivelent of an LMHOSTS file on the PPC. This approach "almost" works,
but not quite. It *does* allow the PPC to resolve the IP address of the
desktop machine to which it's syncing... BUT.. for some reason, it forces
the PPC to logon to the desktop under the "Guest" account and, wouldn't you
know it, the "Guest" account cannot perform ActiveSyncs.

So there you have it. Hopefully this explanation will be helpful to
someone.

Sal
 
G

Guest

Guest
Archived from groups: microsoft.public.pocketpc,microsoft.public.pocketpc.activesync (More info?)

reconfirm that the ip's match the computer names... i.e. that they are
not transposed and that the desktops actually report that they are using
that ip when you run ipconfig.

I assume that the "connection" you are referring to is via wifi and not
a usb connection... you should not be connected via usb for this test

confirm that activesync has ethernet connections checked

With the above checked, reboot both devices, leave one of the sync pc's
powered down and report back with your "wifi only" connection attempts.

For followup, please terminate this crosspost thread and start a new
thread in microsoft.public.pocketpc.activesync only.

good luck

Beverly Howard [MS MVP-Mobile Devices]
 
G

Guest

Guest
Archived from groups: microsoft.public.pocketpc,microsoft.public.pocketpc.activesync (More info?)

>> here's the solution <<

Excellent information, thanks for the post

Beverly Howard
 
G

Guest

Guest
Archived from groups: microsoft.public.pocketpc,microsoft.public.pocketpc.activesync (More info?)

I guess that's why I never had a problem. I run a WINS server here so I
never had to use a host file and everything just worked. Great Information.

--
Eric Hicks [That_Kid] (MS-MVP Mobile Devices)

The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...



"Sal Bompensaro" <MontherInLau@grandson.pop> wrote in message
news:uBx9woRpEHA.1160@tk2msftngp13.phx.gbl...
> Here's the solution in case anyone else is interested:
>
> For reasons known only to Microsoft, when the PPC ActiveSync client
> tries to resolve the IP address of the desktop machine, it doesn't use DNS
> [like every single other network application]. Instead, it uses some old
> name resolution technology called Netbios. Netbios performs name
> resolution
> using broadcasts. This explains why:
> 1) I was able to resolve the IP address of the desktop when connected
> via WiFi to Network#2 and
> 2) I was NOT able to resolve the IP address of the desktop when
> connectied via VPN to Network#1.
>
> In order to use Netbios to resolve the IP address of a machine that's
> NOT on your local network, a WINS server must be used. I installed the
> WINS
> service on one of the servers on Network#1 and pointed to that WINS server
> in the VPN settings on my PPC. I then entered a static WINS entry for S12
> (my desktop) into the WINS database.
>
> That fixed the problem. I can now run ActiveSync over a VPN (over
> Verizon's cellular network) just as easily as I do via WiFi or USB.
>
> Other posts have suggested that the name resolution problem could more
> easily be solved by using an application called "PocketHost" which creates
> the equivelent of an LMHOSTS file on the PPC. This approach "almost"
> works,
> but not quite. It *does* allow the PPC to resolve the IP address of the
> desktop machine to which it's syncing... BUT.. for some reason, it forces
> the PPC to logon to the desktop under the "Guest" account and, wouldn't
> you
> know it, the "Guest" account cannot perform ActiveSyncs.
>
> So there you have it. Hopefully this explanation will be helpful to
> someone.
>
> Sal
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.pocketpc,microsoft.public.pocketpc.activesync (More info?)

Hi Sal,
Thank you for taking the time to summarize the problems with ActiveSync.

This problem has existed since the first Handheld PCs as well as all
generations of Pocket PCs.


--
Chris De Herrera
http://www.cewindows.net
http://www.tabletpctalk.com
http://www.pocketpctalk.com
http://www.mobilitytalk.com

"Sal Bompensaro" <MontherInLau@grandson.pop> wrote in message
news:uBx9woRpEHA.1160@tk2msftngp13.phx.gbl...
> Here's the solution in case anyone else is interested:
>
> For reasons known only to Microsoft, when the PPC ActiveSync client
> tries to resolve the IP address of the desktop machine, it doesn't use DNS
> [like every single other network application]. Instead, it uses some old
> name resolution technology called Netbios. Netbios performs name
> resolution
> using broadcasts. This explains why:
> 1) I was able to resolve the IP address of the desktop when connected
> via WiFi to Network#2 and
> 2) I was NOT able to resolve the IP address of the desktop when
> connectied via VPN to Network#1.
>
> In order to use Netbios to resolve the IP address of a machine that's
> NOT on your local network, a WINS server must be used. I installed the
> WINS
> service on one of the servers on Network#1 and pointed to that WINS server
> in the VPN settings on my PPC. I then entered a static WINS entry for S12
> (my desktop) into the WINS database.
>
> That fixed the problem. I can now run ActiveSync over a VPN (over
> Verizon's cellular network) just as easily as I do via WiFi or USB.
>
> Other posts have suggested that the name resolution problem could more
> easily be solved by using an application called "PocketHost" which creates
> the equivelent of an LMHOSTS file on the PPC. This approach "almost"
> works,
> but not quite. It *does* allow the PPC to resolve the IP address of the
> desktop machine to which it's syncing... BUT.. for some reason, it forces
> the PPC to logon to the desktop under the "Guest" account and, wouldn't
> you
> know it, the "Guest" account cannot perform ActiveSyncs.
>
> So there you have it. Hopefully this explanation will be helpful to
> someone.
>
> Sal
>
>