Solved

Can't access new server via L2L VPN, others are fine.

Posted on 2007-04-05
3
247 Views
Last Modified: 2010-04-09
I have a remote office which connects to us over a lan to lan VPN from a Cisco 506E to our VPN 3000 concentrator.  All is well, except that I have installed a new windows 2003 server to replace an existing 2000 file server, and the VPN users can't access the new shares.  They have a mapping in their hosts file for the new server, but it does not respond to pings or to mapping by name.  The off thing is that they can ping and access the old server which is right next to the new one, and both are plugged into the same unamanged switch.  Everyone in the local office has no problem accessing the new server as well.  

Any ideas where to look?
0
Comment
Question by:mchad65
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 

Expert Comment

by:amerretz
ID: 18860394
Make sure all both networks are using different IP subnet ranges.  I have had this exact problem, it turned out that I was using the same class C address range at both sites. I guess the router still likes something to route.
0
 
LVL 5

Accepted Solution

by:
Harsem earned 500 total points
ID: 18861641
Hello mchad55,

I guess the other thing to check is the subnet mask and the defualt gateway on the new Windows 2003 Server. You have not mentioned if the Windows 2003 Server can access anything else through that Cisco 506E (such as internet or other VPNs).

Alternatively (not knowing your internal network set-up) are you using a static route for the network on the remote site for your Windows 2000 server? You can check this by typing "Route Print" - again, I do not know if that Cisco 506E is your Default gateway or not. If it is not you can add a static route to your Windows 2003 server to point it to the Cisco 506E by typing in a command prompt:

route add 192.168.45.0 MASK 255.255.255.0 192.168.1.1 -p

where 192.168.45 0/24 is your remote network and 192.168.1.1 is the internal IP address of your Pix.

Hope this helps.
0
 

Author Comment

by:mchad65
ID: 18861822
ugh.  Static routes.  I'll bet real money that's it.  I do have one on the 2000 server.  I forgot all about it.  I won't know until tuesday, as the UK has holidays until then, but that's got to be it.  Excellent.  Thanks!
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question