1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Using VPN tunnel with Windows

Discussion in 'Networking Issues' started by NMRPETER, Nov 2, 2006.

  1. NMRPETER

    NMRPETER LI Guru Member

    I have two BEFSX41. I have setup a VPN tunnel between the two ( status of the connection is connected ). I have followed the setup as provided by Linksys in their manual for security policies for Windows XP and the router (which seems to be working ok ). Now what? How do I access the data on a computer behind one router from behind the other? Can I setup a shared folder in Windows that will use the tunnel? I just want to be able to access certain directories (on certain computers ) from one network to the other.

    Thanks for everyone's help

    Peter
     
  2. ifican

    ifican Network Guru Member

    first off you need to make sure you can ping the ip across the other side. If not you will need to work that angle. To test from whatever side you are on first ping the remote lan's gateway. If that works try the machine, if the machine is setup to allow the traffic by reply then you should be good to go. You would simply need to make sure you have access via username and password for the other computer and then connect to it via IP. start/run //192.168.x.x (being the ip of the remote machine) if that works, then you can map to shares, rdp if you have it setup etc. I know this sounds a little confusing but its really not that bad. Let us know if you can at least ping and then we can move on from there.
     
  3. NMRPETER

    NMRPETER LI Guru Member

    Pinging results

    Computer A to B pinging works fine. I can ping the rounter's WAN IP, the rounter LAN IP and a computer within that subnet. I can't ping from computer B to A. Pinging the rounter's WAN works but no further. When I do try to ping the rounter's LAN ( 192.168.x.1 ) ping comes back saying 'Destination net unreachable' and gives an IP address along with it ( which is also on the same subnet as the router's WAN that I'm pinging to, but isn't one I'm using personally ) I have tried to enter //192.168.x.x at the run dialog box on the computer that can fully ping the other computer with no success ( I have full acess to both computer's ). The LAN of both router's are different ( 192.168.x.1 and 192.168.y.1 ). Both of the settings of the router's seem to be set the same as well. What things can I look at next?

    Peter
     
  4. ifican

    ifican Network Guru Member

    Destination net unreachable is the router saying it does not know how to get to the subnet you are trying to reach, it sounds like the tunnel was not set up correctly for the lan side address that you are trying to reach. For instance, if you set of the tunnel for 192.168.1.0 255.255.255.224 and you tried to reach a machine in that subnet that had an ip greater then 31 it would not work. Can you very for me that you have set of the tunnel on both side remote lans with a subnet of 255.255.255.0
     
  5. NMRPETER

    NMRPETER LI Guru Member

    New Pinging Results

    Network A ( which has computer A ) its router is setup for any remote secure group and any remote security gateway. Network B ( which has computer B ) it's router is setup for a single IP for remote secure group ( computer B ) and a single IP for remote security gateway ( WAN IP for network A ). I have been able to solve the problem of not being able to ping from B to A. I have a second ethernet card in computer B, which when disconnected allowed me ping the IP of computer B. I still can not access the files between the two networks. Type in the IP of computer B in the Run dialog box gives me 'Network path not found'. Where do I go from here? Also when I disconnect the second ethernet card and run pathping (IP of computer A ) the router at computer B disconnects from the net, any idea why? ( it does this the moment the pathping program gets to the router at B ). Thanks for all your help so far...

    Peter
     
  6. ifican

    ifican Network Guru Member

    Ok for clarification so as not to confuse either of us. I think you have it right but maybe you just stated it backwards. The "remote secure group" should be the ip range for the other side of the tunnel that you want to permit. For instance Network A should have a remote secure group range for network B. And network B should have the remote secure IP range for network A. The Remote Secure Group for lack of better terms, is what the tunnel uses to identify "interesting traffic" (ip's that need to be sent across the tunnel).
     
  7. ifican

    ifican Network Guru Member

    I hit enter by mistake and for some reason i cant edit the post so i will continure from here. Make sure on both machines that you have shared the files you want to share and that you have permissions to access those file. You will get Network Path Not Found if you dont have files shared or dont have permission to do so.
     
  8. NMRPETER

    NMRPETER LI Guru Member

    Windows does not see folders

    I have setup the two VPN endpoints as you were saying ( though one side is setup for 'any' remote group, I can change that and see if it helps ) I have simple file sharing on. I have shared folders on both machines ( one in network A and one in network B ). I can ping from one computer in network A to another in network B. When I type //192.168.x.x. in the run dialog windows gives me the error "Windows cannot find 192.168.x.x" Where do I go from here? What things should I take a look at? The computer on network A is already sharing folders with other computers on that network and so I know that part of it works. Why is it I can ping the computer but windows has no idea its there?

    Peter
     
  9. NMRPETER

    NMRPETER LI Guru Member

    One last thing; the user names on the two machines are different ( but both are admins ). I have simple file sharing on which should allow everyone access does it not?

    Thanks for all your help
    Peter
     
  10. ifican

    ifican Network Guru Member

    I am not sure if simple file sharing does or does not allow everyone by default. However I think your issue my simply be you are not pointing directly at what you are trying to access. I know in the past i have had similar issue when trying to connect to a remote system, if i did not put in the correct path i.e. //192.168.x.x/sharedfoldername. You can always test it by making sure the c drive is shared and then connecting via //192.168.x.x/c. Also just for clarification, the machine you are trying to access is on the same network as the remote group setting correct?
     
  11. NMRPETER

    NMRPETER LI Guru Member

    Both routers are now setup as each other's remote gateway and one computer from each network as the other's remote group. While I can now connect the VPN tunnel from each side I still cannot access any files. I have made both C drives shared and still neither computer can see the others shared drive. Still pinging isn't a problem. I tried mapping a network drive which also didn't work. Is there anything else I can try to see what part of Windows is blocking my access?
     
  12. d__l

    d__l Network Guru Member

    Are there any software firewalls (ZoneAlarm, XP's firewall) running on either tunnel end that might not be set to trust the subnet at the other end of the tunnel?
     
  13. NMRPETER

    NMRPETER LI Guru Member

    Connect

    Well I have been able to connect to the files on the computer on the other network. Was able to do so by completely taking down Windows firewall ( yes yes bad idea..it is back up now ). I know how to add a program as an exception or a port but how do I add the subnet to be trusted?
     
  14. ifican

    ifican Network Guru Member

    Good catch on the firewall, sometimes its the simple things we miss. I dont know specifically on windows firewall as i do not use it i use a third party that i can be a little more granular with. Ok taking a quick look, under the advance settings of the firewall, there is a change scope button after you click "add program". However it appears to just allow the ip range you specify for that program. Youll have to give it a shot and let us know.
     
  15. NMRPETER

    NMRPETER LI Guru Member

    Firewall

    After much reading and attempts Windows firewall is useless. I have tried to open ports on the firewall but with no luck ( I used TCPView and netstat to figure out what ports were being used ). After too much work fighting with Windows firewall, I have installed ZoneAlarm. After putting the remote site into the trusted zone everything works fine. Thanks for everyone's help.

    Pete
     

Share This Page