• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 551
  • Last Modified:

Cannot connect to a Windows Server 2003R2 from a different subnet via VPN

User could not connect from the DC office to the Baltimore Office server’s shared folders

User's  PC and network are on a subnet connected to the Baltimore network thru a VPN
-      The VPN is working fine. I was able to ping to the server ( and the router at from (the remote location’s router) and I was able to ping from Julia’s PC on subnet to any device on – and vice-versa

The server is a “Windows Server 2003 R2” with all the latest service packs and updates
-      The Firewall was enabled.
-      When I would disable the Firewall,  there are no issues connecting to the shared resources on the Baltimore server from DC

Re-enabled the Firewall and performed the following

I modified the setting in the “Windows Firewall”
Clicked “Exceptions tab”
Clicked “File and Print Sharing”
Clicked “Edit”
Clicked on the already checked “TCP 139” and then clicked “Change Scope”
In the “Custom list”, I then added this entry  -

I now can connect to Baltimore from the DC office with no issues

-      Did I pick the correct settings by adding a custom port for TCP 139
-      Should I do anything for these ports?

TCP 445
UDP 137
UDP 138

Any help and suggestions would be appreciated
  • 4
1 Solution
agieryicAuthor Commented:
NOTE: At the remote location, there are 2 PC's - both running Windows 7 Pro SP1
I'd include those other ports if the firewall wizard didn't do it already:
According to Microsoft, these are the ports required for file & print sharing over a firewall

Application protocol             Protocol      Ports

RPC                                           TCP           135
NetBIOS Datagram Service   UDP            138
NetBIOS Name Resolution    UDP         137
NetBIOS Session Service       TCP          139
SMB                                       TCP          445
agieryicAuthor Commented:
should I add the same subnet pool I indicated above to all these ports
agieryicAuthor Commented:
I asked the above question just to cover remote users connecting.
However, when the Windows Firewall is enabled, users can not scan from a leased copier to a shared folder on the server that works perfectly when the firewall is turned off. So again its a "File and Print" issue.

I would rather keep the windows firewall enabled but is there an easier way to allow any device on the local LAN to access resources on the server.

You mentioned "firewall wizard". I don't recall using a wizard in server 2003
agieryicAuthor Commented:
I ended up resolving the issue myself. However, since I had only one response, I find it only fair to issue the points. Thanks!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Train for your Pen Testing Engineer Certification

Enroll today in this bundle of courses to gain experience in the logistics of pen testing, Linux fundamentals, vulnerability assessments, detecting live systems, and more! This series, valued at $3,000, is free for Premium members, Team Accounts, and Qualified Experts.

  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now