RV120W VPN Gateway Blocking Traffic

andy · ‎02-10-2014

I have two sites each with a Cisco RV120W Router in each. My objective is to establish a VPN between the two routers so we can map a shared drive between both locations. I have been successful in getting the IPsec tunnel established between the two locations and can remotely log into the far end router with no issue.Although no traffic indication on the Status window.

The problem I'm having is I can't access the far end PC. I am not using PC names but rather their local IP address. It's like the router is not passing traffic to the remote PC.

I am missing a firewall setting somewhere?

mpyhala · ‎02-11-2014

Hi Andy,

If you are missing a firewall setting it is on the PC that you are trying to reach. In some cases the Windows firewall or a third party firewall/antivirus program will block traffic from/to a subnet other than it's own. Try disabling all firewalls as a test on the PCs. You can also try to ping something other than a PC, such as a network printer or print server which will not have a firewall. If you can log into the remote router using the LAN IP, then the tunnel is up and working properly.

- Marty

andy · ‎02-11-2014

The windows firewall was turned off on both the source and destinnation PC. Is there anything in the Router that prevents it from delivering traffic to the destination PC.

mpyhala · ‎02-11-2014

Andy,

The router should not block any VPN traffic. Make sure there are no Port Forwarding or Access Rules created in regards to the tunnel.

Is there anything else at the other end of the tunnel that you can ping other than a PC?

- Marty

SamirD · ‎02-11-2014

Pinging something other than the PC you're wanting to connect to will help establish if the connection is truly good. Sometimes you can ping the gateways, but not the lan if the subnets or something isn't set correctly.

If you have a phone that can grab an IP address or an access point that can--anything that can get an IP address, see if you can ping it.

Another test I would use is to see if you can access the admin page of the router on the other side. This should work even if the tunnel won't work onto your lan since your ping is fine.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

andy · ‎02-12-2014

Sorry, I thought I replied last night.

I can login to the far-end router from the near-end LAN so we know the tunnel is open and working. I can ping the far-end PC so we know it is possible to connect to the far-end PC across the VPN.

What I can't do is access a remote file from Windows Explorer using an IP address (\\192.168.2.187\SharedFiles). Its like something is blocking traffic necessary to start the file sharing. The Firewall is off on both PCs.

mpyhala · ‎02-12-2014

Andy,

So to be clear, you can ping 192.168.2.187 but cannot access shares on it?

Have you tried simply \\192.168.2.187 to see if you get a list of shares?

This really sounds like a firewall on the remote PC is not allowing the sharing. The RV120W is simply not capable of blocking that traffic.

- Marty

andy · ‎02-12-2014

You are correct I can ping but not access shares. I have tried \\192.168.2.187 and get the Windows Error can't connect. If I run the network Diagnostices (you never know) it blames the Router and suggests a reboot.

mpyhala · ‎02-13-2014

Andy,

Can you access shares from 192.168.2.187 to the opposite PC? Ping?

What is the LAN IP of the opposite PC?

What subnets (VLANs) do you have configured on each router?

- Marty

SamirD · ‎02-13-2014

Strange. If you can ping the PC, then the tunnel is fine, but something is wrong on the PC. Windows firewall is notoriously erronous on blocking stuff. Try to access that share from another PC that's local and see what happens. Also, check if all the PCs are under the same workgroup.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com