Solved

Can't access remote resources through RRAS Persistent Site to Site VPN connection

Posted on 2006-06-27
2
316 Views
Last Modified: 2008-03-06
Hi All - 1st time Poster here - any input is greatly appreciated!

Situation is as follows:

Windows Server 2003 R2 behind a SOHO 6 Watchgard firewall has a persistent VPN connection to a remote Windows 2000 Server also behind a SOHO 6 Watchgard firewall. The persistent VPN connection is setup using RRAS at both sites (The Watchgards don't have the upgrade to enable VPN).

The 2 servers which have the VPN persistent connection can ping each other using HOSTS names and internal IP's.

Clients on Domain A & B can ping the internal IP of the remote VPN server but thats where the connectivity stops.

I have tried setting up static routes on both points of the VPN to enable users on Domain A to access resources on Domain B and vise versa.

Domain A has IP 192.168.0.x
Domain B has IP 192.7.1.x

Both sites have static IP's and have forwarded the correct ports to each of the vpn servers.

On Domain B VPN Server "Calling Router" (Win2k 192.7.1.2) I have added a static route of 192.168.0.0 SM 255.255.255.0
DG (Greyed Out) which I thought would filter any traffic comming from the local clients that is looking for 192.168.0.x Ip's and forward it through the VPN rather than searching locally.

On Domain A VPN Server "Answering Router" (Win2003 192.168.0.56) I have a static route setup as 192.7.1.0 SM 255.255.255.0 DG (Blank) to filter local traffic looking for 192.7.1.x through the vpn to the remote site.

From Domain A VPN Server - I can ping the remote VPN Server and ALL other remote servers and workstations by internal IP (same with Domain B back to Domain A resources).

How do I get local clients (all XP Pro) of Domain A to be able to ping Domain B clients and servers using the persistent site to site connection (and vice versa for Domain B to Domain A)?

Some TRACERT info:

From client  (192.7.1.1) on Domain B:
tracert 192.168.0.58 (remote client)

1 <10 ms <10 ms <10 ms SERVERB (192.7.1.2)
2 96 ms 96 ms 95 ms        SERVERA (192.7.1.245)     <---- static Ip setup in demand dial connection
3 *       *           *
4 *       *           * (etc)

From Dom B vpn server (192.7.1.2) to Dom A vpn server:
tracert 192.168.0.56 (Dom A vpn server)

1 78 ms 78 ms 73 ms     SERVERA (192.168.0.56)
trace complete

From Dom B vpn server to client on Dom A
tracert 192.168.0.58 (client on Dom A)

1 6 ms 62 ms 47 ms  SERVERA (192.7.1.245)
2 47 ms 63 ms 62 ms CLIENT_ON_DomA (192.168.0.58)
trace complete

From client on Dom B to SERVERA (vpn server on Dom A)
tracert 192.168.0.56 (vpn server on Dom A)

1 <1 ms <1 ms 1< ms  192.7.1.2 (Dom B vpn server)
2  54 ms 55 ms 54 ms   SERVERA (192.168.0.56)
trace complete

From client on Dom B to client on Dom A
tracert 192.168.0.58 (client on Dom A)

1 <1 ms <1 ms 1< ms  192.7.1.2 (Dom B vpn server)
2  54 ms  55 ms  54 ms 192.7.1.245
3   *          *         *
4   *          *         *  (etc)

This behavior from Dom B to Dom A is also manifesting from Dom A to Dom B.

Thanks for your help!

 
0
Comment
Question by:IamBruceM
2 Comments
 
LVL 12

Accepted Solution

by:
DLeaver earned 500 total points
ID: 17001545
Hi

Have you set the clients as VPN clients?  What is your current DNS setup?  Is the VPN connection between the servers a demand dial persistent connection?

DL
0
 

Author Comment

by:IamBruceM
ID: 17198410
Hi DL,

My customer wound up outsourcing this issue to another company.

I'd like to give you points for showing intrest but am not sure how to proceed.

Thanks for your help!
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now