Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Windows 7 as an IPSec VPN client - firewall configuration


11 Oct 2012   #1

Windows 7 Professional SP1 64bit
 
 
Windows 7 as an IPSec VPN client - firewall configuration

Hello,

Thank you for reading my post.

- I have set an ISAKMP/IPSEC VPN tunnel between two Cisco routers C1 and C2.
- M1 is a machine in C1's LAN.
- M2 is a machine in C2's LAN.
- M1 is running "Windows 7".
- M2 is running "Windows XP".

I would like to access M2's shares from M1 and vice versa through the tunnel.

I deactivated both firewalls on M1 and M2.
With these settings, M1 can access M2's shares and vice versa.

Now, if I turn on the firewall on M1, M2 can't access M1's shares anymore.

My question is the following:
what do I have to do in the firewall to have it work properly?

Thank you for your help and best regards.

My System SpecsSystem Spec
.

11 Oct 2012   #2

Microsoft Community Contributor Award Recipient

Microsoft Windows 7 Home Premium 64-bits 7601 Multiprocessor Free Service Pack 1
 
 

Now, if I turn on the firewall on M1, M2 can't access M1's shares anymore.
=>So you turned on windows 7 firewall on M1? ths standard Windows 7 firewall?

Can you still PING M1 from M2?
My System SpecsSystem Spec
11 Oct 2012   #3

Microsoft Community Contributor Award Recipient

Microsoft Windows 7 Home Premium 64-bits 7601 Multiprocessor Free Service Pack 1
 
 

Quote   Quote: Originally Posted by Lea Massiot View Post
Hello,

Thank you for reading my post.

- I have set an ISAKMP/IPSEC VPN tunnel between two Cisco routers C1 and C2.
- M1 is a machine in C1's LAN.
- M2 is a machine in C2's LAN.
- M1 is running "Windows 7".
- M2 is running "Windows XP".

I would like to access M2's shares from M1 and vice versa through the tunnel.

I deactivated both firewalls on M1 and M2.
With these settings, M1 can access M2's shares and vice versa.

Now, if I turn on the firewall on M1, M2 can't access M1's shares anymore.

My question is the following:
what do I have to do in the firewall to have it work properly?

Thank you for your help and best regards.
So you made a tunnel between 2 cisco routers. Now all computers behind cisco1 and see all computers behind cisco2 and vice versa... correct? No special software is installed on computer itself... correct?

please post screenshot of network centre on Windows 7 machine
My System SpecsSystem Spec
.


11 Oct 2012   #4

Windows 7 Professional SP1 64bit
 
 

Thank you for your answer.

Quote:
Can you still PING M1 from M2?
Yes. And vice versa.

Quote:
So you made a tunnel between 2 cisco routers.
Yes.

Quote:
Now all computers behind cisco1 and see all computers behind cisco2 and vice versa... correct?
Yes, but only if the firewalls are turned off.

Quote:
No special software is installed on computer itself... correct?
Correct. No special software is installed on the computers.
My System SpecsSystem Spec
11 Oct 2012   #5

Microsoft Community Contributor Award Recipient

Microsoft Windows 7 Home Premium 64-bits 7601 Multiprocessor Free Service Pack 1
 
 

please post screenshot of network centre on Windows 7 machine
My System SpecsSystem Spec
11 Oct 2012   #6

Microsoft Community Contributor Award Recipient

Microsoft Windows 7 Home Premium 64-bits 7601 Multiprocessor Free Service Pack 1
 
 

What is ip address of winxp machine and all other machines on that subnet?
192.168.x.0/24 I assume

So 192.168.x.1, 192.168.x.2, 192.168.x.3, 192.168.x.4 etcetera
Correct? if so, what is x?
My System SpecsSystem Spec
15 Oct 2012   #7

Windows 7 Professional SP1 64bit
 
 

C1's LAN: 192.168.1.0/24
C2's LAN: 192.168.0.0/24

I've created an Inbound Rule and an Outbound Rule to allow connection through UDP port 500.
Still not working.

BR.
My System SpecsSystem Spec
15 Oct 2012   #8

Microsoft Community Contributor Award Recipient

Microsoft Windows 7 Home Premium 64-bits 7601 Multiprocessor Free Service Pack 1
 
 

Quote   Quote: Originally Posted by Lea Massiot View Post
C1's LAN: 192.168.1.0/24
C2's LAN: 192.168.0.0/24

I've created an Inbound Rule and an Outbound Rule to allow connection through UDP port 500.
Still not working.

BR.
Those port you probably found by reading documentation about he tunnel?! It's a tunnel between two csico routers........ pc doens't even know it!! Delete those rules!
My System SpecsSystem Spec
15 Oct 2012   #9

Microsoft Community Contributor Award Recipient

Microsoft Windows 7 Home Premium 64-bits 7601 Multiprocessor Free Service Pack 1
 
 

Try this commands in elevated command prompt. These does not only allow file/printer sharing from local subnet but also from 192.168.0.0/24. Use copy/paste to prevent typing errors. 4 commands succeeded succesfully? Problem solved?

Code:
netsh advfirewall firewall set rule name="File and Printer Sharing (NB-Session-In)" new remoteip=192.168.0.0/24,LocalSubnet 
netsh advfirewall firewall set rule name="File and Printer Sharing (NB-Name-In)" new remoteip=192.168.0.0/24,LocalSubnet
netsh advfirewall firewall set rule name="File and Printer Sharing (NB-Datagram-In)" new remoteip=192.168.0.0/24,LocalSubnet
netsh advfirewall firewall set rule name="File and Printer Sharing (Echo Request - ICMPv4-In)" new remoteip=192.168.0.0/24,LocalSubnet
My System SpecsSystem Spec
31 Oct 2012   #10

Windows 7 Professional SP1 64bit
 
 

Hello and sorry for the very later answer.
You were right, it totally was a problem of "File and Printer Sharing" permissions scope that had to be extended to the other VPN end subnet.
Thank you.
My System SpecsSystem Spec
Reply

 Windows 7 as an IPSec VPN client - firewall configuration




Thread Tools



Similar help and support threads for2: Windows 7 as an IPSec VPN client - firewall configuration
Thread Forum
IPsec with Firewall Advanced Security questions! Network & Sharing
Windows 7 Firewall configuration System Security
Client can't connect to Windows 7 based PC with AVG Firewall enabled. System Security
Win7 Firewall Controll (Sphynx) - configuration? System Security
Windows 7 and IPSEC Cisco client 5.0.07.0290 issue Network & Sharing
Few problems after Firewall Client System Security
Firewall configuration rules for Win 7 FW? System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 09:12 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33