Can't See Remote Network Shares
-
I'm using pfSense CE 2.7.2 on identical mini PC hardware in two different states. I just set up my first site-to-site VPN using IPsec. I followed these instructions and added the firewall rules at both ends. I have different subnets at both locations. The computers at both locations are running Windows 11 Pro.
https://docs.netgate.com/pfsense/en/latest/recipes/ipsec-s2s-psk.html
The VPN is working. I can enter site A local IP addresses when at site B in "network" using the notation "\\local IP address" and can see all of the shares on my two NAS boxes. I can ping both NAS boxes and I can log in to both NAS web interfaces if I launch a browser and type in their local IP addresses. But I can't do the same for my Windows PC shares. "\\local IP address" does not find Site A computers. I can't ping their addresses. I CAN do a remote desktop protocol session at site B by using the local PC IP addresses at site A. But I thought I was supposed to be able to see all the shares at both sites, not just shares on the NAS boxes.
What am I missing? Thanks!
-
@XrayDoc88 said in Can't See Remote Network Shares:
What am I missing?
I would guess the firewall on the Windows 11 boxes; out of the box they're prob not going to allow an IP that is not a local IP. You would have to adjust the firewall on them to allow whatever network your other site is using, for ping and SMB.
-
@johnpoz Thanks for the quick reply. I'll look at that. I did notice that I have "network discovery" and "printer and file sharing" enabled for private networks. Do I need to also enable them for public networks? That sounds like a bad idea, but I've never set up a site-to-site VPN before, so I'm not certain all that might be necessary.
-
@XrayDoc88 Normally the firewall rules, when you enable something, only allow the network the device is on. Private and public are just modes Windows will put the firewall in; if it's using the public policy it will block any inbound, etc.
If your remote network is say 192.168.20/24 and your local network is 192.168.10/24, you would go into the rules and allow the 192.168.20 network. Or for that matter just turn off the firewall on the host.
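
The scoped rule change described in the reply above, as an added PowerShell example that was not posted in the thread: it audits the current scope of the sharing rules, then allows SMB and ping from the remote site's subnet only. The subnet (the reply's "say" example written as 192.168.20.0/24), the rule names, the test address and the English rule group name "File and Printer Sharing" are assumptions to adjust for your own sites.

```powershell
#Requires -RunAsAdministrator
# Constructed values for illustration: set these to match your own tunnel.
$RemoteSite = '192.168.20.0/24'   # LAN at the other end of the IPsec tunnel
$FwProfile  = 'Private'           # profile the new rules apply to

# 1. Confirm which profile the active connection is using. If it reports
#    Public, rules bound to Private are not in effect on that interface.
Get-NetConnectionProfile | Select-Object InterfaceAlias, NetworkCategory

# 2. Audit the enabled inbound sharing rules and the remote addresses they accept.
#    A scope of "LocalSubnet" is why hosts across the VPN are dropped.
Get-NetFirewallRule -DisplayGroup 'File and Printer Sharing' -Direction Inbound -Enabled True |
    ForEach-Object {
        $addr = $_ | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            Rule          = $_.DisplayName
            Profile       = $_.Profile
            RemoteAddress = $addr.RemoteAddress -join ','
        }
    } | Format-Table -AutoSize

# 3. Add narrowly scoped allow rules instead of widening the built-in ones:
#    SMB (TCP 445) and ICMPv4 echo request, from the remote site only.
$rules = @(
    @{ DisplayName = 'S2S VPN - SMB in';         Protocol = 'TCP';    LocalPort = 445 },
    @{ DisplayName = 'S2S VPN - ICMPv4 echo in'; Protocol = 'ICMPv4'; IcmpType  = 8 }
)
foreach ($r in $rules) {
    # Skip rules that already exist so the script can be re-run safely.
    if (Get-NetFirewallRule -DisplayName $r.DisplayName -ErrorAction SilentlyContinue) { continue }
    New-NetFirewallRule @r -Direction Inbound -Action Allow `
        -RemoteAddress $RemoteSite -Profile $FwProfile | Out-Null
}

# 4. Show what was created, including the address scope.
foreach ($r in $rules) {
    $rule = Get-NetFirewallRule -DisplayName $r.DisplayName
    $addr = $rule | Get-NetFirewallAddressFilter
    '{0}: enabled={1} profile={2} remote={3}' -f `
        $rule.DisplayName, $rule.Enabled, $rule.Profile, ($addr.RemoteAddress -join ',')
}

# 5. From a PC at the other site, check reachability (constructed address):
#    Test-NetConnection -ComputerName 192.168.10.50 -Port 445
```

Run it in an elevated session on each Windows PC whose shares should be reachable, with `$RemoteSite` set to the other site's subnet; deleting the two `S2S VPN` rules with `Remove-NetFirewallRule` reverts the change.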