Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.



Windows 7: Windows 7 firewall exception incoming scope rule for different subnet

17 Dec 2012   #1

Windows 7 Ultimate x64
 
 
Windows 7 firewall exception incoming scope rule for different subnet

This one problem kept my win 7 PC from being able to be pinged and share files from incoming ubuntu PC on another LAN with a different subnet.

I have 2 lans, 2 routers, each using a different range of IP.
One is on 192.168.1.x
Other is on 192.168.200.x

I have a static route to direct packets from forward LAN to the other LAN. Only thing was Windows 7 kept blocking that route UNLESS the firewall for the private network was turned off. Even if you turn on sharing, etc... Windows 7 firewall only allows for the subnet LAN it exists on.

So you have to put in a rule and change the scope
The exception is to add your local lan ip range.
For me it scope exception is 192.168.200.0/24

screenshot and also shows the pings from ubuntu PC on different LAN works.

Click Action, new rule, then custom, keep clicking next till you get to scope. Under Local IP, enter your LAN as I did.
Apply it and it works.



Attached Thumbnails
Windows 7 firewall exception incoming scope rule for different subnet-firewallruleworks.png  
My System SpecsSystem Spec
17 Dec 2012   #2

Microsoft Community Contributor Award Recipient

Windows 7 Ult, Windows 8.1 Pro,
 
 

That's good to know sdowney717, I wasn't sure if Windows could manage sharing between two different subnets but adding the subnet range to the firewall rules looks like it works pretty well for this.

You can also connect to both subnets with a single NIC by adding the secondary subnet to the advanced TCP/IP settings in IPv4 properties.
My System SpecsSystem Spec
18 Dec 2012   #3

Windows 7 Ultimate x64
 
 

Is what you mean called binding an ip to a NIC?

If so, give me an example of what I would have entered for the nic card.
(Pictures help)

The Windows 7 PC is on 192.168.200.30
Router2 is on 192.168.200.1

Router 1 is on 192.168.1.1
WAN ip for router2 which it gets automatically from router1 is 192.168.1.100
WAN port of router2 is plugged into LAN port of router1.

I left DHCP on for both routers. I assigned a manual IP to the Windows 7 PC.

the static route from router1 is setup as

Dest IP 192.168.200.0
Subnet 255.255.255.0
Gateway IP 192.168.1.100

This lets router1 know that packets of 192.168.200.x need to go to the attached device router2 at 192.168.1.100

I had to yank a netgear router off my LAN and use a Verizon 7501 to get the static route to work. Fo some reason the WGT624v3 netgear always jumped IP when I setup a static route. I even tried forcing it manually and it would not work. Routers that dont route! Caused a lot of head scratching.

My router1 is a nice old Gateway G wireless router.
My System SpecsSystem Spec
.


19 Dec 2012   #4

Microsoft Community Contributor Award Recipient

Windows 7 Ult, Windows 8.1 Pro,
 
 

Pictures aren't really required, it's the same as setting up a static IP but you type both routes into the advanced TCP/IP settings for which ever adaptor you want to bind the subnets too.

For some reason you are saying WAN IP but the first one is a LAN IP.
WAN ip for router2 which it gets automatically from router1 is 192.168.1.100
WAN port of router2 is plugged into LAN port of router1.

Usually for dual router set up's you will want to disable DHCP on the secondary router but with your dual LAN's it might not work the same.

Normally you would plug the secondary router into the LAN port on the first router, then connect the other router's LAN port, LAN to LAN. But this would depend on what you are using the second router for.

This dual subnet network is rather strange, and I'm trying to figure out why someone would need to do this with all the available options for NTFS sharing.
My System SpecsSystem Spec
Reply

 Windows 7 firewall exception incoming scope rule for different subnet





Thread Tools



Similar help and support threads for2: Windows 7 firewall exception incoming scope rule for different subnet
Thread Forum
Windows Firewall - Add or Remove an Exception Tutorials
How to Make One Exception to a Windows Firewall Outbound Rule? System Security
Win7 Firewall Service not starting, blocking ALL incoming connections Network & Sharing
How to add live messenger rule to firewall System Security
Firewall Rule: Unable to change scope for TCP and UDP rules System Security
Windows Firewall Outbound Rule: which app? System Security
Windows Firewall Exception System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 03:27 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33