Advertisement

03.28.2008 at 05:56AM PDT, ID: 23276980
[x]
Attachment Details
[x]
The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

  • The Grade of the Solution
  • The Zone Rank of the Expert Providing the Solution
  • The Number of Author and Expert Comments
  • The Number of Experts Contributing
  • The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!
8.7

Try to setup a wan connection with 2 cisco 851 Router

Zones: IPSec Security Protocol, Network Routers, Virtual Private Networking (VPN)
Tags: Cisco, cisco 800 series Router, 851, Site-to-site VPN
Hello Everybody,

            For a week I try to setup a Site-to-Site Vpn between 2 851 Cisco Router thru the SDM interface. Up to now, I'm able to get the VPN UP, but I can not ping on the remote site. Here'S a small description of my setup:

Site 1
Wan connection Type : Fixed IP over ADSL
Lan network 192.168.0.0 / 24 interface is on 192.168.0.230 (not a default gateway, so I do a route add on my computer)

Site 2
Wan Connection Type : PPPOE ADSL
Lan Network 172.16.0.0 / 16 interface is on 172.16.0.1 and is default gateway on this network

- I use the IPSEC site-to-site wizard in SDM and I keep the standard Encryption and authentification
- I've enable Split tunneling to only do encryption for data going to the remote site and not for other web request
- When the VPN goes UP: I can ping both interface on the remote router, and I can also Ping an other router on my remote site, but I cannot ping any other device (Server, printer or station)

Thanks in advance for your help !
Start your free trial to view this solution
Question Stats
Zone: Networking
Question Asked By: GMarchand
Solution Provided By: trinak96
Participating Experts: 1
Solution Grade: A
Views: 0
Translate:
Loading Advertisement...
03.28.2008 at 06:21AM PDT, ID: 21230101

Rank: Master

trinak96:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
03.28.2008 at 06:59AM PDT, ID: 21230413
GMarchand:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
03.28.2008 at 07:02AM PDT, ID: 21230450

Rank: Master

trinak96:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
03.28.2008 at 07:21AM PDT, ID: 21230618
GMarchand:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
03.28.2008 at 07:30AM PDT, ID: 21230724

Rank: Master

trinak96:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
03.28.2008 at 07:51AM PDT, ID: 21230922
GMarchand:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
03.28.2008 at 08:07AM PDT, ID: 21231069

Rank: Master

trinak96:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
03.28.2008 at 10:20AM PDT, ID: 21232367
GMarchand:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
03.29.2008 at 06:59AM PDT, ID: 21236555

Rank: Master

trinak96:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
03.29.2008 at 10:03AM PDT, ID: 21237277
GMarchand:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
03.29.2008 at 10:44AM PDT, ID: 21237440
GMarchand:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
 
Loading Advertisement...
Microsoft
  • Internet Protocols
  • Applications
  • Development
  • OS
  • Hardware
  • Windows Security
Apple
  • Operating Systems
  • Hardware
  • Programming
  • Networking
  • Software
Internet
  • Search Engines
  • File Sharing
  • WebTrends / Stats
  • Spy / Ad Blockers
  • Web Browsers
  • New Net Users
  • Web Development
  • Chat / IM
  • Anti Spam
  • Web Servers
  • Anti-Virus
  • Email Clients
Gamers
  • Tips
  • Online / MMORPG
  • Puzzle
  • Emulators
  • Action / Adventure
  • Role Playing
  • Consoles
  • Game Programming
  • Strategy
  • Sports
  • Misc
  • Computer Games
Digital Living
  • Hardware
  • Automotive
  • New Net Users
  • New Users
  • Software
  • Digital Music
  • Gaming World
  • Home Security
  • Apple
  • Networking Hardware
Virus & Spyware
  • Vulnerabilities
  • IDS
  • Encryption
  • Anti-Virus
  • Operating Systems Security
  • Software Firewalls
  • WebApplications
  • Cell Phones
  • Operating Systems
  • Internet
  • Hardware Firewalls
Hardware
  • Displays / Monitors
  • Handhelds / PDAs
  • Components
  • Peripherals
  • Laptops/Notebooks
  • Servers
  • Misc
  • Apple
  • Embedded Hardware
  • Networking Hardware
  • Storage
  • Desktops
  • New Users
Software
  • System Utilities
  • Industry Specific
  • Network Management
  • Photos / Graphics
  • Page Layout
  • VMware
  • Misc
  • Web Development
  • OS
  • CYGWIN
  • Voice Recognition
  • Virtualization
  • Message Queue
  • Quality Assurance
  • Security
  • Firewalls
  • MultiMedia Applications
  • Development
  • Database
  • Office / Productivity
  • Business Management
  • OS/2 Apps
  • Server Software
  • Internet / Email
ITPro
  • OS
  • Storage
  • Encryption
  • Operating Systems Security
  • Apple Hardware
  • Laptops & Notebooks
  • Servers
  • Networking Hardware
  • Peripherals
  • Devices
  • Displays / Monitors
  • WebTrends / Stats
  • Search Engines
  • Firewalls
  • Web Computing
  • WebApplications
  • IDS
  • Vulnerabilities
  • Email Clients
  • File Sharing
  • Spy / Ad Blockers
  • Web Browsers
  • Web Servers
  • Networking
  • Anti-Virus
  • Consulting
  • Chat / IM
  • Anti Spam
Developer
  • Web Servers
  • Web Browsers
  • Game Programming
  • Dev Tools
  • Industry Specific
  • Office / Productivity
  • Database
  • CYGWIN
  • Web Development
  • Search Engines
  • File Sharing
  • WebTrends / Stats
  • Programming
  • Content Management
  • Application Servers
  • Protocols
Storage
  • Removable Backup Media
  • Storage Technology
  • Servers
  • Grid
  • Remote Access
  • Backup / Restore
  • Misc
  • Hard Drives
OS
  • Miscellaneous
  • Security
  • Development
  • Linux
  • VMware
  • MainFrame OS
  • Unix
  • Apple
  • OS / 2
  • AS / 400
  • BeOS
  • Microsoft
  • VMS / OpenVMS
Database
  • Oracle
  • Miscellaneous
  • MySQL
  • Software
  • Sybase
  • Contact Management
  • PostgreSQL
  • Data Manipulation
  • Clarion
  • InterSystems Cache
  • Siebel
  • MUMPS
  • OLAP
  • SQLBase
  • SAS
  • GIS & GPS
  • 4GL
  • Berkeley DB
  • DB2
  • Informix
  • Interbase / Firebird
  • FoxPro
  • Reporting
  • LDAP
  • Filemaker Pro
  • MS SQL Server
  • dBase
  • MS Access
Security
  • Misc
  • Web Browsers
  • Software Firewalls
  • Operating Systems Security
  • File Sharing
  • Spy / Ad Blockers
  • Vulnerabilities
  • WebApplications
  • IDS
  • Anti-Virus
  • Encryption
  • Anti Spam
  • Email Clients
  • VPN
  • Chat / IM
Programming
  • Editors IDEs
  • Installation
  • Handhelds / PDAs
  • Multimedia Programming
  • System / Kernel
  • Automation
  • Algorithms
  • Game
  • Signal Processing
  • Project Management
  • Open Source
  • Database
  • Misc
  • Languages
  • Processor Platforms
  • Theory
Web Development
  • Scripting
  • Blogs
  • Web Servers
  • Software
  • Search Engines
  • Web Graphics
  • Web Services
  • Images
  • Internet Marketing
  • Images and Photos
  • Components
  • Document Imaging
  • Web Languages/Standards
  • Illustration
  • WebApplications
  • Fonts
  • WebTrends / Stats
  • Authoring
  • Digital Camera Software
  • Miscellaneous
Networking
  • Protocols
  • Apple Networking
  • Network Management
  • Message Queue
  • Application Servers
  • Content Management
  • File Servers
  • Email Servers
  • Misc
  • Java Editors & IDEs
  • Wireless
  • Networking Hardware
  • Backup / Restore
  • System Utilities
  • ISPs & Hosting
  • Web Servers
  • Storage Technology
  • Removable Backup Media
  • Servers
  • Web Computing
  • Broadband
  • Grid
  • OS / 2
  • Novell Netware
  • Unix Networking
  • Windows Networking
  • Security
  • Telecommunications
  • Operating Systems
  • Linux Networking
Other
  • Lounge
  • Business Travel
  • Community Support
  • New Net Users
  • Philosophy / Religion
  • Math / Science
  • Miscellaneous
  • URLs
  • Expert Lounge
  • Politics
  • Puzzles / Riddles
  • Automotive
Community Support
  • Suggestions
  • New to EE
  • New Topics
  • CleanUp
  • Announcements
  • General
  • Feedback
  • Input
  • EE Bugs
 
03.28.2008 at 06:21AM PDT, ID: 21230101

Rank: Master

trinak96:
Hi, Can you post both configs, it would make it easier to diagnose your problem. Remove any passwords and public ip's.
Is the router on the remote site the default gateway for your printer/pc etc ? If not you will need to add a route to whatever device is.
 
03.28.2008 at 06:59AM PDT, ID: 21230413
GMarchand:
Hello trinak96:

Main site :
Router is not the default gateway, I do the route add if I want to ping on the remote office

Remote Site: Router is the default gateway, so I don't add anything in the routing table.

Is there a way I can drop config in a file by the SDM interface or by telnet, I'm not really use with cisco router...


Thks

 
03.28.2008 at 07:02AM PDT, ID: 21230450

Rank: Master

trinak96:
OK, use telnet to get the configs.
Login and enter "show run" command.
 
03.28.2008 at 07:21AM PDT, ID: 21230618
GMarchand:
I've copy the config too 2 text file. MAin site is the one with fixed IP, Remote site is the dynamic one.

See attached file...

Thks
 
MAIN-SITE.txt (5 KB) (File Type Details) 
Main site Router config
 
 
REMOTE-SITE.txt (4 KB) (File Type Details) 
remote site Router config
 
 
03.28.2008 at 07:30AM PDT, ID: 21230724

Rank: Master

trinak96:
Hmm, remote site file doesn't have any config for the site-site vpn ???
Is this the right router you want to be able to create the vpn to main site ?
 
03.28.2008 at 07:51AM PDT, ID: 21230922
GMarchand:
Not too proud about this one....I've done my test yesterday and unplug the router without saving....Here's the good file

Thks for your time !
 
REMOTE-SITE2.txt (5 KB) (File Type Details) 
Remote SIte Config
 
 
03.28.2008 at 08:07AM PDT, ID: 21231069

Rank: Master

trinak96:
Not a problem, done it myself a few times !!

Looked through the configs and seems ok.
Can you post an ip address of a server you cant ping at the moment in the remote site ?
Also post a "show arp" from the remote router.
 
03.28.2008 at 10:20AM PDT, ID: 21232367
GMarchand:


When the vpn is on, when i'm on the remote site, I can ping the 4 routers interfaces, and also the lan interface on a small d-link router on my main site, but all other server ...no answer. Somebody toll me a possible MTU problem...I've done some test and it still not work


Here's the show arp result; but router is actually offline on the wan side...

Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  172.16.0.1              -   001d.e5ca.f8b2  ARPA   Vlan1
Internet  172.16.0.100            0   0015.c54b.ef8e  ARPA   Vlan1
 
03.29.2008 at 06:59AM PDT, ID: 21236555

Rank: Master

trinak96:
OK, on the main site, the servers your trying to reach do they have the vpn router as default gateway ?
If not you should add a route to the default gateway pointing to the vpn router for your remote site.
Sounds like a routing problem more than anything else at the moment.
Accepted Solution
 
03.29.2008 at 10:03AM PDT, ID: 21237277
GMarchand:
Little question,

     when I configure the Site-to-site from the SDM, it ask me for an address where encrypted traffic origine and end .... I'm not to sure about my settiings, I cannot put both wan address because one is DHCP. I've try to put both lan adress actually, but should I define a complete different network address group for the tunnel ? I've also try to put from main site wan to remote lan....and it give me the same thing...When I do the VPN test thru sdm, I get drop packet issues and it suggest me to check MTUs.


Thks !
 
03.29.2008 at 10:44AM PDT, ID: 21237440
GMarchand:
Hey trinak

Drop my last question....You bring me the solution with the routing ! You saved my life ! Thks a lot for your help !
 
 
trinak96
03.29.2008 at 11:01AM PDT, ID: 21237507
No problem ,glad to have been able to help.
 
 
 
20080236-EE-VQP-29 / EE_QW_2_20070628