File Sharing over site to Site tunnel using RV130W Routers

pancake · ‎05-10-2017

I have placed a RV130W with current firmware at Location A and Location B, each serving a handful W7 Pro and W10 workstations.

Location A has a public wan: 76.x.x.x, and a lan of 192.168.1.0/24.

Location B has a public wan of 70.x.x.x and a lan of 192.168.0.0/24

Access Rules are set to Allow Any for all the standard ports, and Port 445 was added.

Firewall settings have been checked at machine level and router level.

Folder/file sharing is configured on the computers.

Tunnel is built, stable, and passes traffic.

I can ping devices on both sides from each location.

I can connect from Location A to Location B shared folder using my MacBook Pro.

I cannot get any Windows box to see shared folders/files across the tunnel. My gut at this point says it's a Windows settings issue, but research isn't very productive. That being said, I have to believe that although this is likely a windows issue, it has certainly been encountered and hopefully successfully overcome by someone.Ideas?

Thanks!

ktonev · ‎05-11-2017

Hello,

My name is Kristian and I am one of the engineers from the Small Business team.

I recently encountered a similar issue with Windows Server file sharing over a site-to-site VPN and the solution was to create an ACL on the WAN interface for any any and the appropriate port ranges. In this particular case we had to open TCP 135 for RPC traffic and also a high port range used by Windows Server (49152-65535).

Can you confirm on which interface have you applied the ACL?

Are you including only the local subnets for the VPN (192.168.x.x) or any any in the ACL?

Based on some other articles online, I can suggest trying to create ACL for the following ports UDP-137, UDP-138, TCP-135, TCP-139,TCP-445.

To make troubleshooting easier you can create a WAN ACL on both routers for any any and all ports or temporarily disabling the firewall functionality - that way you will see if it is a firewall issue blocking the traffic. If this does not resolve your issue I suggest digging more into Windows configuration for file sharing.

If you need additional assistance with setting up the ACLs or something else feel free to give us a call so we can log a ticket and assist you.

Hope that helps,

Kris

If you find this content useful please rate it so other users can benefit from it as well.

pancake · ‎05-11-2017

Thanks, Kris.

ACL's are applied as Allow All on both interfaces, for the respective subnet ranges. I did add port 445 TCP/UDP, as this appears to be the designated ports for Windows File Sharing, post W2K. I did not add 135-139, but I can certainly try that, along with high ports, and see what that nets me. As previously mentioned, I'm focused on Windows config issues(router & local machine) as I can connect with my diagnostic Mac. I'll be back on site this afternoon, so I'll report back. Thanks again, Kris!

Kevin

pancake · ‎05-12-2017

Kris:

At this juncture, I'm at the point of calling it a windows issue. I have added your suggested ports, some additional suggested ports from research, I have opened the firewall completely, with nos success. Just to reiterate, with the router default ports, plus 445 & 4500, my Macbook Pro sees the remote shared folder, and connects to it. The tunnel remains viable and passing traffic, with no errors or drops. I remain open to suggestions or observations from the community, but I struggle seeing this as a router issue. Your thoughts...