Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Wednesday, April 6, 2016 2:17 PM
Hello All,
I am helping out a business with two locations, with a site-to-site VPN tunnel set up between the two of them. They can't seem to access file shares between the two sites, and we're not certain why.
At first I thought that it was because the two computers were on different Workgroups, but I had my boss put the computer on his end onto the same Workgroup as the one on my end, but this did not fix the problem.
Next I thought that it was because the two sites had different networks; one is on 192.168.0.X, and two is on 192.168.1.X. However, we have been able to use Remote Desktop Connections between the two sites, and an application they use at both sites is exclusively (to my knowledge) hosted at site one.
We also tried temporarily disabling the firewall, but this did not fix the problem.
We went over Advanced Network Sharing, to find that:
Network Discovery is enabled on each machine
Both are set to Private networks
Password Protected File Sharing is turned off
128 bit encryption is enabled
Windows Homegroup management is disabled
The permissions for the folder in question are highly permissive
However, the issue persists; each computer can only see computers local to their network, nothing at the other site. Is there something in the Registry, Security Policy, Group Policy, or some other esoteric menu that would be preventing discovery?
Thanks in advance.
All replies (8)
Wednesday, April 6, 2016 5:20 PM âś…Answered
On site One, open a command window as admin, enter:
route add 192.168.1.0 Mask 255.255.255.0 192.168.1.1
Now ping a computer on site Two (192.168.1.n)
(we're not finished here)
Best regards, George
Wednesday, April 6, 2016 4:13 PM
- Can you ping a machine on the other network?
- If Yes, can you connect to a share by using Net Use \<IP address of computer to connect to>\sharename?
Best regards, George
Wednesday, April 6, 2016 4:27 PM
Hi, thanks for the quick reply.
- No, the host machines do not reply to pings, even though we configured the firewall to allow for this. However, the internal IP of each Cisco router (five year old routers) can be pinged. Example, site one router has an internal address of 192.168.0.5, and can be pinged from site two.
2. We tried, but after the computer trying to work on this, it fails, and states "Windows cannot access \[IP\UNC name here]"
"Check the spelling of the name. Otherwise, there might be a problem with your network. To try to identify and resolve network problems, click the diagnose button."
As stated above, though, we know that information is going between each site, but the file hosted at site two can't be seen at site one.
Wednesday, April 6, 2016 4:33 PM
This is clearly a routing problem. If you're in for it you can answer:
- What is the network address you are on? (192.168.n.0)
- What is the other network address?
- What is the gateway address of your network (router address)?
- What is the gateway address of the other network (router address)?
Best regards, George
If you got help to solve your problem, then please give credentials to the answerer
Wednesday, April 6, 2016 5:12 PM
I'm not certain it is; as mentioned above, some traffic is finding its way from one network to the other. I will answer your questions though.
- Site one is 192.168.0.X.
- Site two is 192.168.1.X.
- Site one's gateway is 192.168.0.5.
- Site two's gateway is 192.168.1.1.
Wednesday, April 6, 2016 5:22 PM
Ok, when I am next at that business, I will perform this action.
Thursday, May 26, 2016 5:04 PM
Related, ongoing discussion continues here => https://social.technet.microsoft.com/Forums/en-US/34873b3e-5694-4e47-8fec-56f4a1c9dee8/again-no-internet-on-windows-10-computers?forum=win10itpronetworking
~Robear Dyer (PA Bear) MS MVP-Windows Client since 2002 Disclaimer: MS MVPs neither represent nor work for Microsoft
Thursday, May 26, 2016 5:24 PM
Frist and for most you need to have authentication set up on both VPN's using the same security certificate's then you need to add both these Machines Ip address's in the MMC security panel for local firewall security ALso it really is a lot you need to do to prep both VPN's using WINDOWS Security measure's you with your skill level may be happier using go to meeting or a third party source that sets up its own implementation's using what I could set here all day and reference using the web and link's cause it's faster then writing Also you need to know about OS firewall's ,Hardware Firewall's ,Router access, etc. Also even if the IP's supplier the source is using allows such traffic so as you can see using VPN'S is quite complicated if you know a guru you may want to pay them to help