VPN / Firewall Conflict?
Mar 9, 2008, 6:17 pm
#16
Join Date: Nov 2000
Location: Upcountry Maui, HI
Posts: 13,305
Anything in the firewall log? (is the log enabled to log blocked incoming and outgoing connections, if they have that feature? If not, you may want to at least temporarily try a different firewall to help diagnose the problem, if it is a firewall issue. Even if it isn't, this would eliminate it as part of the problem.)
-David
-David
Mar 9, 2008, 11:15 pm
#20
FlyerTalk Evangelist
Original Poster
Join Date: Mar 2004
Location: Newport Beach, California, USA
Posts: 36,062
IPsec.
FortiClient for the client, and a Linksys BEFVP41 router for the server.
I did. Microsoft specifies two different settings, and I tried both.
Also, what VPN client/server are you using?
Did you try the registry changes?
Mar 11, 2008, 11:14 am
#22
FlyerTalk Evangelist
Original Poster
Join Date: Mar 2004
Location: Newport Beach, California, USA
Posts: 36,062
It works in the "computer in domain" profile, doesn't work in the "computer on the move" profile. What's odd is, yesterday, it didn't work when I disabled the firewall completely.
Mar 12, 2008, 2:36 am
#23
Join Date: Nov 2003
Location: San Diego, CA USA
Posts: 534
I'd wager that you would not experience an issue at a public wifi with 'computer in domain' profile selected, however I'm not going to ask you to attempt due to risk.
Is there a way for you to dump the config files for both profiles for review?
Mar 12, 2008, 9:11 am
#24
FlyerTalk Evangelist
Original Poster
Join Date: Mar 2004
Location: Newport Beach, California, USA
Posts: 36,062
With that said, we can safely assume that the issue is not with IP addressing, blocked ports in public hot-spots, etc. It's the profile settings.
I'd wager that you would not experience an issue at a public wifi with 'computer in domain' profile selected, however I'm not going to ask you to attempt due to risk.
Is there a way for you to dump the config files for both profiles for review?
I'd wager that you would not experience an issue at a public wifi with 'computer in domain' profile selected, however I'm not going to ask you to attempt due to risk.
Is there a way for you to dump the config files for both profiles for review?
Mar 13, 2008, 4:46 am
#25
Join Date: Nov 2003
Location: San Diego, CA USA
Posts: 534
http://www.petri.co.il/what's_port_445_in_w2k_xp_2003.htm
specifically
If the client has NetBT enabled, it will always try to connect to the server at both port 139 and 445 simultaneously. If there is a response from port 445, it sends a RST to port 139, and continues it's SMB session to port 445 only. If there is no response from port 445, it will continue it's SMB session to port 139 only, if it gets a response from there. If there is no response from either of the ports, the session will fail completely.
Mar 13, 2008, 9:03 am
#26
FlyerTalk Evangelist
Original Poster
Join Date: Mar 2004
Location: Newport Beach, California, USA
Posts: 36,062
I would suspect that the pubilc wifi profile is blocking the ports needed for windows file sharing.
http://www.petri.co.il/what's_port_445_in_w2k_xp_2003.htm
specifically
Try allowing traffic on ports 445 and/or 139 and see what your results are.
http://www.petri.co.il/what's_port_445_in_w2k_xp_2003.htm
specifically
Try allowing traffic on ports 445 and/or 139 and see what your results are.