How can I adjust a Windows 7 firewall so that it allows access to local share drives from a remote LAN connected by a gateway-to-gateway VPN? The VPN is between two network gateways. (It is not from a remote PC to a gateway.) It works normally, so that from LAN-A it is possible to ping remote samba shares located on LAN-B. On the remote LAN-B, there are also windows shares. I can connect to these windows shares only if I disable the windows firewall on the remote win7 PCs. My gateway logs show that port 139 requests timeout. I know that I need to adjust the firewall rules for Windows File and Printer sharing, but I cannot figure out how to do this correctly on Windows 7. I already tried allowing 'any network' in the firewall rule for file sharing on port 139, but this did not work. Here is a simple test I want to work. A Win7 PC exists on LAN-A (at IP 192.168.1.50) and a Win7 PC exists on LAN-B (at IP 10.10.10.19). The following ping command should work: 192.168.1.50> ping 10.10.10.19 If the firewall on the PC in LAN-B is active, the ping times out. If the firewall is disabled, the ping is successful and I can connect to the remote PC's shares. How can I relax the firewall rules on the remote PC to allow this type of LAN-to-LAN access? Thank you, Jon

Hi Jon, Thanks for the post! I'm trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience. Thanks for your understanding and efforts. Regards, MiyaThis posting is provided "AS IS" with no warranties, and confers no rights. | Please remember to click "Mark as Answer" on the post that helps you, and to click "Unmark as Answer" if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Have you opened SMB port 445? Application_protocol Protocol Ports SMB TCP 445 File and Printer Sharing Does Not Work http://technet.microsoft.com/en-us/library/cc787076(WS.10).aspx SMB: File and printer sharing ports should be open http://technet.microsoft.com/en-us/library/ff633412(WS.10).aspx The following ports are associated with file sharing and server message block (SMB) communications: Microsoft file sharing SMB: User Datagram Protocol (UDP) ports from 135 through 139 and Transmission Control Protocol (TCP) ports from 135 through 139. Direct-hosted SMB traffic without a network basic input/output system (NetBIOS): port 445 (TCP and UPD). 947709 How to use the "netsh advfirewall firewall" context instead of the "netsh firewall" context to control Windows Firewall behavior in Windows Server 2008 and in Windows Vista http://support.microsoft.com/default.aspx?scid=kb;EN-US;947709 Sumesh P - Microsoft Online Community Support

Were you able to try this out?Sumesh P - Microsoft Online Community Support

I am having a similar problem with Windows 7 networking that I hope you can assist me with. We have two network shares on a Windows 2003 server in an Active Directory domain. One shared folder contains many sub folders that are shared out to everyone and are accessible from remote locations via a VPN. The second shared folder contains individual sub folders assigned to each user with NTFS permissions that restrict access to only the individual who owns the folder. These restriced folders are accessible remotely via the VPN if the user has a Windows XP computer but they ARE NOT accessible to users who are trying to map a network drive to their personal folder using Windows 7 OS. Can you tell me why Windows 7 will connect to the first shared folder with the lesser restrictions but not to the shared folder with the individual personal folders with tighter permissions? I have tried connecting to the personal folders using two different Windows 7 computers and we keep getting an error message saying Access Denied! When remotely mapping to the parent folder containing the individual personal sub folders, the mapped drive seems to work but the Windows Explorer shows the folder as being empty when there are well over 75 individual personal sub folders in the parent folder. The mapped drives to the personal folders work when the user is connected to the network in the office where the Windows 2003 Server is located but does not work when connected remotely. Please let me know if my description of the problem is incomplete or you need more information from me.