thxbox1138
Aspirant
Mar 13, 2021

Site to Site tunnel working (only ping)

I have 2 BR200 routers and 2 locations.
I set up a site-to-site IPsec VPN.
The tunnel is green.
I can ping IPs from either site back and forth.

I cannot, however, map drives to my server from the remote site to HQ.
I cannot, however, map drives to a desktop at the remote site from HQ.

I can ping, but that's about it. I called Comcast, which both sites have, and I had them disable the modem firewalls because I thought that might cause issues. They disabled the firewalls at both locations, so Comcast is not in the way at all.

I rebuilt the tunnel; same thing. I can ping, but that's it. No mapping works, by DNS name or IP address.

What am I missing? Are there any other additional steps that need to be performed on these routers besides building the tunnel? That's the only thing I can think of now.

29 Replies

  • MrJoshW
    NETGEAR Employee Retired

    Hello,

     

    Are you able to ping the clients/servers in question? What firmware version is the BR200 on?

    • thxbox1138
      Aspirant

      I am able to ping a machine from HQ to remote.

      I am able to ping a machine from remote to HQ.

      I am able to tracert from both locations and it's 3 hops:

      HQ router

      Remote router

      machine

      I just can't do anything else. My question is: do I need to create any additional traffic rules to allow the remote subnet machine to access the HQ network machine on the BC200 router, or is that all taken care of once you create the IPsec tunnel in the BC200s?

      Meaning create the tunnel and done, no post rules or configuration?

      I have no firewalls or anything in the way at this moment.

      • MrJoshW
        NETGEAR Employee Retired

        Hello,

         

        The issue is, on the BR200/500 we have disabled NAT loopback due to performance. We do have a firmware that does address the NAT loopback and will allow you to connect to the remote resources, but please note that there will be a performance hit due to this. Please let me know if you wish to install the firmware for testing and I can send it to you through a private message.
