scraby

cannot see file shares on certain servers

here's my configuration;
site to site vpn between two sonicwall tz devices
all traffic is allowed between lan and vpn and vice versa in both directions on both devices
servers are on 192.168.0.0/24 subnet at main building
workstations are on 172.16.32.0/24 subnet at remote building

problem is, i can access file shares on all servers except a couple that i know of.  connections to 445 from remote office to main office on these servers time out.  telnet to 445 cannot connect (from 172.16.32).  i can connect to 445 on these servers without issues from the main office subnet (192.168.0).

i can connect to port 53 on the problem servers without problems from remote office to main office.

i'm at a loss here.  445 is open on the server and can be accessed from the local subnet but not from the remote subnet.  however 53 is open (it is a dns server) and i can telnet (on 53) and nslookup to the server from the remote subnet to the local subnet.  from what i see and know, firewall is not an issue.  i've tried adding a route 172.16.32.0 mask 255.255.255.0 192.168.0.109 (sonic wall gateway) on the problem server but that did not make any difference.

any ideas?

thanks in advance.

shawn
McKnife

That has to be firewalls. They can be based at the server or the client or in between at the gateway/router. Ask your network admin for help.
scraby

ASKER

the firewall is set up to allow everything in both directions between vpn and lan.  traffic passes to other servers through the same path without issues.  i can pass traffic on 445 to one server but not to another.  i can pass traffic on 53 to both servers.  that means outbound firewall on workstation is configured correctly.  it also means that in between firewall is configured correctly.  firewall is not enabled at the server.  i can get to both 53 and 445 from local subnet.  i can get through on 53 and 445 on one server from remote subnet but i can only get through on 53 on another and not on 445.

i think i'm going to have to use a tool like wireshark or logging on the firewall to see where traffic is blocked but that's about where my knowledge drops off.

btw, one-man IT team here.  i am the network admin.
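
As an added example (not from any post in this thread): a small Python check, run from a workstation on the remote subnet, that separates "timeout" from "refused" on ports 53 and 445 for each server and suggests where to look next. The server addresses are constructed placeholders, and `probe`, `hint` and `survey` are hypothetical names.

```python
import errno
import socket

PORTS = (53, 445)  # the two ports compared in the thread: DNS and SMB


def probe(host, port, timeout=3.0):
    """Return 'open', 'refused', 'timeout' or 'error:<name>' for one TCP connect."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"          # SYN-ACK came back: path and listener both fine
    except socket.timeout:
        return "timeout"       # no reply reached us: SYN or SYN-ACK lost or dropped
    except ConnectionRefusedError:
        return "refused"       # RST came back: host reachable, port not accepting
    except OSError as exc:
        return "error:" + errno.errorcode.get(exc.errno, "unknown")
    finally:
        sock.close()


def hint(results):
    """Turn {port: outcome} for one server into a next troubleshooting step."""
    outcomes = set(results.values())
    if outcomes == {"open"}:
        return "reachable on every probed port"
    if "timeout" in outcomes and "open" in outcomes:
        return ("some ports answer, others get no reply: capture on the server "
                "to see whether the SYN arrives and where the SYN-ACK is sent")
    if outcomes == {"timeout"}:
        return "no reply at all: check the route in both directions"
    if "refused" in outcomes:
        return "host answers with RST: check the service is listening"
    return "local or unexpected socket error: check the client side"


def survey(servers, ports=PORTS, timeout=3.0):
    """Probe every server/port pair; returns {server: {port: outcome}}."""
    return {s: {p: probe(s, p, timeout) for p in ports} for s in servers}


if __name__ == "__main__":
    # Constructed placeholder addresses in the main-office subnet from the post.
    for server, res in survey(["192.168.0.10", "192.168.0.20"]).items():
        print(server, res, "->", hint(res))
```
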
scraby

ASKER

Thanks for your help.  I think adding the route did the trick.

shawn