I have recently set up a site-to-site VPN for two facilities. I set both sites as a mesh hub. The problem that I cannot seem to figure out is that site A is able to ping site B computers, but site B cannot ping site A computers. I can ping either MX64 from both sites, but not the computers connected to them. I am using two MX64 security appliances.
What do your Site-to-site VPN firewall rules look like?
I left it as the default rule to try to get it to work before I implemented any rules. So outbound and inbound are set to Allow Any Any Any, etc.
You could try some pcaps at the LAN on both sides, the VPN interface on the MX(s), etc. That should help you identify where it is failing.
Have you considered that the client in site A is just not responding to ping requests? Maybe even try to ping a computer from site A from the site A MX?
I'm thinking the same. When you're on the Security Appliance > Monitor > Status page click on the Tools tab and run a ping command from each MX to the LAN interface IP of the other MX, start there, then move on to pinging the actual hosts, first locally from each MX on its own local VLAN to a directly connected host, and then over the VPN.
I ran a couple of pings using the MX Ping command. From site B MX I am able to ping any device in the local network and I am also able to ping any device in site A network from site B MX. From site A MX I am able to ping any device in the local network, but I am only able to ping network devices (Switches, Access Point) from site B. I have disabled Windows Firewall and the same thing is happening.
Sounds like you've found the root cause, now just need the workaround, might be some other 3rd party firewall as opposed to the Windows Firewall itself? If not, and it's the Windows Firewall, it tends to block ICMP traffic by default. You'll likely need to allow inbound ICMP/echo requests, the replies will likely go out naturally, but you'll need to allow the inbound pings.
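An added example, not part of the thread: one way to check the host-firewall suggestion from the last reply on a Windows computer that does not answer pings across the VPN, and to allow inbound echo requests only from the other site. It assumes an elevated PowerShell session; `192.0.2.0/24` is a placeholder for the remote site's LAN subnet, and the rule name and the Domain/Private profile choice are illustrative. A rule whose RemoteAddress is `LocalSubnet` admits pings from the local LAN but not from the other site's subnet, which is why the listing in step 2 shows each rule's remote scope.

```powershell
# Placeholder (assumption): replace with the LAN subnet of the *other* VPN site.
$RemoteSiteSubnet = '192.0.2.0/24'

# 1. Confirm which firewall profiles are enabled and what they do with
#    unsolicited inbound traffic.
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction |
    Format-Table -AutoSize

# 2. List every enabled inbound ICMPv4 rule together with the remote
#    addresses it applies to.
Get-NetFirewallRule -Direction Inbound -Enabled True | ForEach-Object {
    $port = $_ | Get-NetFirewallPortFilter
    if ($port.Protocol -eq 'ICMPv4') {
        $addr = $_ | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            Rule          = $_.DisplayName
            Profile       = $_.Profile
            Action        = $_.Action
            IcmpType      = $port.IcmpType -join ','
            RemoteAddress = $addr.RemoteAddress -join ','
        }
    }
} | Format-Table -AutoSize

# 3. Add a narrowly scoped allow rule for echo requests (ICMPv4 type 8)
#    from the remote site only, instead of opening ICMP to any source.
$RuleName = 'Allow ICMPv4 echo from remote VPN site (example)'   # hypothetical name
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName `
        -Direction Inbound `
        -Protocol ICMPv4 `
        -IcmpType 8 `
        -RemoteAddress $RemoteSiteSubnet `
        -Action Allow `
        -Profile Domain, Private
}
```

If the host still does not reply after step 3, the listing from step 1 showing all profiles disabled points to something other than Windows Firewall doing the filtering.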