1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Filtering SMB through a RV042 to WRV200 VPN tunnel.

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by Sfor, Mar 25, 2011.

  1. Sfor

    Sfor Network Guru Member

    Well, RV042 does have a firewall with one flaw. It is not possible to filter the packets arriving through the VPN tunnel. It appears the buil in firewall filters only pakets arriving through WAN and LAN ports. Since the VPN traffic does not directly pass these ports, firewall does not process them.

    On the other hand, WRV200 access rules do not seem to be of any use, at all. I was unable to make it work, so far.

    In order to filter the SMB traffic I had to block the packets destined for ports 137-139 coming from local network in the RV042. I was able to lock the ability to locate the SMB shares from the remote location, that way. Still, the remote computers are able to connect to the port 139 responsible for the SMB sessions. This solution is not a perfect one, but it seems to be effective enough.

    However, I would like to block the SMB in one direction only. Locking the 137 port is stopping SMB resource locating service in both directions, unfortunately. If I would be able to stop the packets from remote location destined for port 139, I should be able to get the desired result, I think. But, the RV042 does not let me to do it. WRV200 does not help me as well, as the built in access rules are not working at all.

    Is there any other way to get the Microsoft Networking not to be able to connect from the WRV200 side?
     

Share This Page