Re: Host a VPN on Home Computer
12-21-2010 09:29:20 AM
The underlying protocol used by Windows networking is TCP/IP, and has been ever since Windows 98. NetBEUI isn't used anymore. But there's some remaining NetBIOS protocols that run on top of TCP/IP. One of these is NetBIOS name resolution.
NetBIOS name resolution is the translation of Windows computer names into IP addresses. This is essentially an equivalent service to DNS, but doesn't usually operate with a central server except in older corporate environments (the NetBIOS name server/service used there is called WINS. WINS has been replaced in Windows Server 2003 and later by Active Directory-integrated DNS).
On Windows networks without a WINS or DNS server, NetBIOS name resolution is accomplished by broadcasts to a machine on the network that has been elected as the "master browser". The master browser is supposed to keep a list of every Windows machine in the workgroup and provide that to other machines on demand.
However, your office machine and home machine are in different workgroups (the office machine's workgroup is a centrally-managed workgroup, known as a domain). Because they're on different workgroups, they don't pay attention to each other's master browser. What this results in is a situation where your office machine will not be able to find the home machine on the network by name. There will be no NetBIOS name resolution for the home machine because whatever machine has been elected as the office workgroup's master browser (which will probably be your office machine since it's the only office domain machine on the network) will not keep track of machines in other workgroups.
So, to bypass this NetBIOS name resolution problem entirely, we simply map the home machine by IP address instead. That solves the first problem.
A second problem appears again because the two machines are on different workgroups. If you were mapping a drive from another machine joined to the office domain, your username and password that you used to log on to the office machine would be used for authentication and authorization on the machine serving the shared folder, and that machine would validate your username and password through the domain controller. But the home machine isn't a member of the domain and knows nothing about a domain controller, so it's only choice is to validate your username and password against it's local users table. This is why you have to supply a different username and password to map the drive, because it has to be a username and password that the home machine knows about.