D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: ChenZi on April 28, 2014, 03:17:29 AM

Title: In vpn ipsec between DFL-860e and DSR-1000N smb share does not work!!!!
Post by: ChenZi on April 28, 2014, 03:17:29 AM

Hello everyone. VPN tunnel made ​​according to the instructions:

ftp://ftp.dlink.de/dsr/dsr-250n/documentation/HowTo/DSR-250N_HowTo_Configure_IPSec_VPN_Tunnel_between_DSR_Router_and_DFL_Firewall.pdf (http://ftp://ftp.dlink.de/dsr/dsr-250n/documentation/HowTo/DSR-250N_HowTo_Configure_IPSec_VPN_Tunnel_between_DSR_Router_and_DFL_Firewall.pdf)

and everything seems to work fine, except for access to smb by the DSR-1000N.

Channel looks like this:
Test PC (192.168.0.2) - DFL-860e (192.168.0.1/24) - public ip - VPN ipsec - public ip - DSR-1000N (192.168.1.1/24) - Test PC ( 192.168.1.2 )

From computer 192.168.0.2 connects via smb on 192.168.1.2, everything is fine, folders are visible.

netstat shows:
TCP 192.168.0.2:57594 192.168.1.2:445 ESTABLISHED

From computer 192.168.1.2 Connects at 192.168.0.2 - does not work, and why that netstat shows the following picture:
TCP 192.168.1.2:56283 192.168.0.2:80 SYN_SENT

Why, instead of 445, he and other ports connected to 80 ?
All other ports are, for example, 80 and 443 or 3389 in both directions normal.

On the DFL- 860 standard rules for access in both directions and service 'alltcpudpicmp'.
On the DSR-1000n is enabled by default all outbound traffic. NAT-tranversal activated here and there .

Does anyone have any ideas?

Title: Re: In vpn ipsec between DFL-860e and DSR-1000N smb share does not work!!!!
Post by: ChenZi on April 28, 2014, 03:32:01 AM

And that strange telnet from 192.168.1.2 test computer to 192.168.0.2:445 or :139 works perfectly ...

Title: Re: In vpn ipsec between DFL-860e and DSR-1000N smb share does not work!!!!
Post by: silver_surfer30 on July 31, 2014, 06:33:35 AM

HI,

What is the dns server on both side ?

Best regards,