Re: VPN routers to w2k rras server problems
From: Bill Grant (not.available_at_online)
Date: 06/09/04
Date: Wed, 9 Jun 2004 15:24:37 +1000
You should be able to fix this by adding routes to the Linksys routers to
send your private traffic through the VPN link. The default route of the
Linksys will be to the Internet. To prevent your private traffic going that
way, add a static route to send it through the VPN link, using the VPN
endpoint as the interface address. You can use the subnet address for the
"other" site as the destination, or just use 192.168.0.0 mask 255.255.0.0
on both routers to send all 192.168 traffic through the VPN link.
"dexion" <anonymous@discussions.microsoft.com> wrote in message
news:1944401c44cf9$1c51ff40$a301280a@phx.gbl...
> My testbed
>
>
> have 2 dlink's (804hv) and a w2k server
>
>
> dlink1 = pub 10.176.249/24 private 192.168.0.1/24
>
> dlink2= public 10.2.176.248/24 private 192.168.10.1/24
>
> The w2k server = 10.2.176.86
>
> Ok routing is set up on the w2k server.
>
> I created 2 pptp tunnels from the w2k server to the 2
> dlink routers to the private sides (192...)
>
> I then set up 2 static routes for the 2k server to find
> the remote private subnets.
>
> I set the dlinks up as pptp servers.
>
> Both dlinks are able to talk to the w2k server through the
> lan OR through ipsec filters but that is not needed in
> this case.
>
> The w2k server is able to hit BOTH private networks and
> both (duh) public pipes.
>
> BUT even though and here is what makes me want to chew my
> own foot off, I set the default gateways on the dlinks to
> the public IP of the w2k server they STILL can not
> communicate with each other's private network.
>
> I.E. 192.168.0.1/24 can not ping 192.168.10.1/24 and vice
> versa. Even though their DG is the w2k server that routes
> the packets and can talk with both private lans.
>
> When I test a client behind the dlinks they have full
> connectivity to the internet, the local 10.2.176.0/24 lan
> and the w2k server.
>
>
> When I trace things out it goes from the client, to the
> router (dlink) to the w2k server and where it needs to go.
>
>
> EXCEPT when I try to hit the private lans from either
> dlink.
> It goes for example:
>
> 192.168.0.124 ---->192.168.0.1----->10.2.176.86------->10.2.176.254
> (the default gateway of the w2k server)
>
>
>
> I must not have a good enough grasp on routing although
> this just should be a piece of cake.
>
>
> I can create pptp or ipsec tunnels BETWEEN each router and
> they will then communicate fine between themselves, but
> there is a LIMIT of 40 tunnels built into the routers. I
> have to make 82 tunnels.
>
> These results are duplicatable with 2 way Ipsec tunnels to
> the w2k server from the dlinks also.
>
> My goal is to at best have no need to have a static route
> to the w2k server (once these boxes go on different
> subnets) and have all lan to lan traffic go through the
> vpn tunnels. Or at worst have a few static routes telling
> all traffic destined for the lan sides to hit the w2k
> server.
>
> Any help would be appreciated.
>
> thanks dex
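
Added example, not part of the original thread: a longest-prefix-match model of one site router's table, showing that without the static route traffic for the other private subnet follows the default route out the WAN side, and that the 192.168.0.0 mask 255.255.0.0 route from the reply moves it onto the VPN link while the more specific local /24 keeps LAN traffic local. The interface labels (lan, vpn, wan) and the sample destinations other than 192.168.0.124 are assumptions made for illustration.

```python
import ipaddress

def build(entries):
    """Turn (prefix, interface) pairs into a routing table."""
    return [(ipaddress.ip_network(p), iface) for p, iface in entries]

def egress(table, dst):
    """Longest-prefix match: interface of the most specific route covering dst."""
    addr = ipaddress.ip_address(dst)
    hits = [(net.prefixlen, iface) for net, iface in table if addr in net]
    return max(hits)[1] if hits else None

def leaked(table, dests, private="192.168.0.0/16"):
    """Private destinations that would leave through the WAN default route."""
    priv = ipaddress.ip_network(private)
    return [d for d in dests
            if ipaddress.ip_address(d) in priv and egress(table, d) == "wan"]

# Site router with LAN 192.168.0.0/24 (subnet taken from the thread).
# Interface labels are hypothetical.
BEFORE = build([("192.168.0.0/24", "lan"), ("0.0.0.0/0", "wan")])
AFTER = build([("192.168.0.0/24", "lan"), ("0.0.0.0/0", "wan"),
               ("192.168.0.0/16", "vpn")])  # static route suggested in the reply

# Constructed sample destinations: local host, remote-site host, Internet host.
DESTS = ["192.168.0.124", "192.168.10.50", "203.0.113.10"]

if __name__ == "__main__":
    for name, table in (("before", BEFORE), ("after", AFTER)):
        for d in DESTS:
            print(f"{name:6} {d:15} -> {egress(table, d)}")
        print(f"{name:6} leaked via wan: {leaked(table, DESTS)}")
```

The same `leaked` check can be run over an exported routing table to confirm that no RFC 1918 destination resolves to the Internet-facing interface.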