Solved

Lan to Lan VPN and Windows Firewall

Posted on 2008-09-30
Last Modified: 2012-06-21
Hi all,

I am trying to set up a LAN-to-LAN VPN between head office and a branch office. The same behaviour happens whether I set it up for PPTP or IPsec. Everything is connected and I can access router configurations and ping between offices; however, I can only browse file shares between PCs on the different networks if I switch the Windows Firewall off on the PCs.

Subnets:
Head Office: 192.168.2.X
Branch Office: 192.168.3.X

Both offices are using a Draytek Vigor 2820n router, and all PCs are Windows XP Pro SP3.

Windows Firewall off - all PCs between offices that have file sharing on can browse each other on the network and transfer files

Windows Firewall on - PCs between offices cannot browse each other or transfer files, but can ping PCs directly from the command prompt

Have tried:
  • Enabling File sharing, PPTP and VPN options in Windows Firewall
  • Making sure at least one folder is shared on each PC in the different subnet
  • Manually adding TCP port 1723 (PPTP) to Windows Firewall exceptions (scope any)
  • Enabling NetBIOS over TCP/IP for LAN connections
  • Disabling all router firewalls
  • Switching to IPsec instead of PPTP, same behaviour

I am following the manual and all the info I can find online to the letter. Whether I set it up as PPTP or IPsec, it is all working fine as long as Windows Firewall is off. Is there something I'm missing? I would have thought adding the port to the firewall exceptions should fix it? Any help would be greatly appreciated.
Question by:bhafinance
Accepted Solution

by:
Andrew Davis earned 500 total points
ID: 22603562
You would need to add the range of IPs to the exception list on the client PCs.

That said, I would recommend that you remove the firewall from the individual computers and use the firewall at the router. This way you have a single point of management. If you are determined to use firewalls on each client then I suggest that you look at controlling them via a GP (Group Policy) or getting a firewall that can be centrally managed. I use McAfee ASAP antivirus, which has a firewall feature, and all settings (both virus and firewall) can be managed centrally via a web site.
For a trial see http://www.ntbm.com.au/mcafee.php and click on "managed services home"

Cheers

Author Comment

by:bhafinance
ID: 22611641
Thanks Andrew, your post led me in the right direction even though it was a bit ambiguous :). Turns out I did need to add the subnet ranges for each network to the exception list for the Windows Firewall on each PC. I'll be sure to implement via Group Policy when I get the new domain server in place; at the moment the network is all just one workgroup of XP machines with only a few needing to do file sharing between subnets. Cheers.
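
The fix the thread arrives at, written out as an added example that is not part of either poster's message: a batch file for Windows XP SP2/SP3 that scopes the built-in File and Printer Sharing exception to the local subnet plus the remote office's subnet, using the `netsh firewall` context. The script name and the /24 masks are assumptions; the thread gives the ranges only as 192.168.2.X and 192.168.3.X.

```bat
@echo off
rem Added example (not from the thread): scope the Windows XP SP2/SP3
rem File and Printer Sharing exception to the local subnet plus one remote
rem VPN subnet, instead of switching Windows Firewall off.
rem
rem Usage (script name is hypothetical):
rem   allow-remote-shares.cmd 192.168.3.0/255.255.255.0   on head office PCs
rem   allow-remote-shares.cmd 192.168.2.0/255.255.255.0   on branch office PCs
rem The /24 masks are an assumption based on the 192.168.2.X / 192.168.3.X
rem ranges given in the question.
setlocal
set "REMOTE_NET=%~1"
if "%REMOTE_NET%"=="" (
    echo Usage: %~nx0 remote-subnet/mask
    exit /b 1
)

rem scope=CUSTOM keeps the exception limited to the named ranges. scope=ALL
rem would open the SMB/NetBIOS ports to every network that can reach the PC.
netsh firewall set service type=FILEANDPRINT mode=ENABLE scope=CUSTOM addresses=LocalSubnet,%REMOTE_NET% profile=ALL
if errorlevel 1 (
    echo Failed to update the File and Printer Sharing exception.
    exit /b 1
)

rem Print the resulting service exceptions so the new scope can be checked.
netsh firewall show service verbose=ENABLE
endlocal
```

Run it from an administrator account on each PC that shares files across the VPN, passing the other office's subnet.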