Hi,
I think you misunderstand me. The Option "NetBIOS over TCP" in the NIC properties just enables or disables NetBIOS on some workstation. It is enabled by default and if you disable it, all programs that use the NetBIOS API won't work. In particulary, the SMB protocol is used in its SMB over TCPI variant instead of encapsulating it in NetBIOS packets that are themselves tunneled in TCP packets.
This option has to be enabled that the Browser service can work. If so, it uses NetBIOS broadcasts that are implemented as ordinary UDP broadcasts in the subnet. The firewall as a Layer 3 device will be the border of the broadcast domain and therefore not forward these broadcast packets through the VPN tunnel.
What I'm actually looking for is a ScreenOS option that the FW detects these broadcast packets and forward them anyway through the tunnel after doing some kind of rewriting of the packet to reflect that they are now in a different subnet. Very similiar to the way a DHCP relay works that listens too for some specific broadcast messages and forwards them to a server configured in the options.
Regards,
Dominik