Solved

Lan to Lan VPN and Windows Firewall

Posted on 2008-09-30
Last Modified: 2012-06-21
Hi all,

I am trying to set up a LAN-to-LAN VPN between head office and a branch office. The same behaviour happens whether I set it up for PPTP or IPsec. Everything is connected and I can access router configurations and ping between offices; however, I can only browse file shares between PCs on the different networks if I switch the Windows Firewall off on the PCs.

Subnets:
Head Office: 192.168.2.X
Branch Office: 192.168.3.X

Both offices are using a Draytek Vigor 2820n router, and all PCs are Windows XP Pro SP3.

Windows Firewall off - all PCs between offices that have file sharing on can browse each other on the network and transfer files

Windows Firewall on - PCs between offices cannot browse each other or transfer files, but can ping PCs directly from the command prompt

Have tried:
- Enabling File sharing, PPTP and VPN options in Windows Firewall
- Making sure at least one folder is shared on each PC in the different subnet
- Manually adding TCP port 1723 (PPTP) to Windows Firewall exceptions (scope any)
- Enabling NetBIOS over TCP/IP for LAN connections
- Disabling all routers' firewalls
- Switching to IPsec instead of PPTP, same behaviour

I am following the manual and all info I can find online to the letter. Whether I set it up as PPTP or IPsec, it is all working fine as long as Windows Firewall is off. Is there something I'm missing? I would have thought adding the port to the firewall exceptions should fix it? Any help would be greatly appreciated.
Question by:bhafinance
2 Comments
 

Accepted Solution

by:
Andrew Davis earned 500 total points
You would need to add the range of IPs to the exception list on the client PCs.

That said, I would recommend that you remove the firewall from the individual computers and use the firewall at the router. This way you have a single point of management. If you are determined to use firewalls on each client then I suggest that you look at controlling them via a GP (Group Policy) or getting a firewall that can be centrally managed. I use McAfee ASAP antivirus, which has a firewall feature, and all settings (both virus and firewall) can be managed centrally via a web site.
For a trial see http://www.ntbm.com.au/mcafee.php and click on "managed services home".

Cheers
 

Author Comment

by:bhafinance
Thanks Andrew, your post led me in the right direction even though it was a bit ambiguous :). Turns out I did need to add the subnet ranges for each network to the exception list for the Windows Firewall on each PC. I'll be sure to implement via Group Policy when I get the new domain server in place; at the moment the network is all just one workgroup of XP machines with only a few needing to do file sharing between subnets. Cheers.
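
The fix confirmed in the thread, as an added example that is not part of the original posts: a batch script for Windows XP SP3 that keeps Windows Firewall on and scopes the File and Printer Sharing exception to the two office subnets. The /24 masks are an assumption, since the question gives the networks only as 192.168.2.X and 192.168.3.X.

```bat
@echo off
rem Added example for Windows XP SP3 (netsh firewall context).
rem Run from an administrator command prompt on each PC that shares files.

rem Assumption: both offices use a 255.255.255.0 mask; the thread only
rem gives the networks as 192.168.2.X and 192.168.3.X.
set HEAD_OFFICE=192.168.2.0/255.255.255.0
set BRANCH_OFFICE=192.168.3.0/255.255.255.0

rem Leave the firewall enabled on both profiles; the point is to widen the
rem scope of one exception, not to switch the firewall off.
netsh firewall set opmode mode=ENABLE profile=ALL

rem The File and Printer Sharing exception covers TCP 139, TCP 445,
rem UDP 137 and UDP 138. Its default scope is the local subnet only, so
rem SMB from the other office is dropped even when the box is ticked,
rem while ping still works. A custom scope admits just the two office LANs
rem instead of opening the ports to any source address.
netsh firewall set service type=FILEANDPRINT mode=ENABLE scope=CUSTOM addresses=%HEAD_OFFICE%,%BRANCH_OFFICE% profile=ALL

rem Show the resulting service configuration so the scope can be checked.
netsh firewall show service verbose=ENABLE
```

The TCP 1723 exception with scope "any" tried in the question is not needed on the PCs, because the routers terminate the tunnel and the PCs only see routed traffic from the other subnet.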