Solved

Can't access new server via L2L VPN, others are fine.

Posted on 2007-04-05
3
241 Views
Last Modified: 2010-04-09
I have a remote office which connects to us over a lan to lan VPN from a Cisco 506E to our VPN 3000 concentrator.  All is well, except that I have installed a new windows 2003 server to replace an existing 2000 file server, and the VPN users can't access the new shares.  They have a mapping in their hosts file for the new server, but it does not respond to pings or to mapping by name.  The off thing is that they can ping and access the old server which is right next to the new one, and both are plugged into the same unamanged switch.  Everyone in the local office has no problem accessing the new server as well.  

Any ideas where to look?
0
Comment
Question by:mchad65
3 Comments
 

Expert Comment

by:amerretz
ID: 18860394
Make sure all both networks are using different IP subnet ranges.  I have had this exact problem, it turned out that I was using the same class C address range at both sites. I guess the router still likes something to route.
0
 
LVL 5

Accepted Solution

by:
Harsem earned 500 total points
ID: 18861641
Hello mchad55,

I guess the other thing to check is the subnet mask and the defualt gateway on the new Windows 2003 Server. You have not mentioned if the Windows 2003 Server can access anything else through that Cisco 506E (such as internet or other VPNs).

Alternatively (not knowing your internal network set-up) are you using a static route for the network on the remote site for your Windows 2000 server? You can check this by typing "Route Print" - again, I do not know if that Cisco 506E is your Default gateway or not. If it is not you can add a static route to your Windows 2003 server to point it to the Cisco 506E by typing in a command prompt:

route add 192.168.45.0 MASK 255.255.255.0 192.168.1.1 -p

where 192.168.45 0/24 is your remote network and 192.168.1.1 is the internal IP address of your Pix.

Hope this helps.
0
 

Author Comment

by:mchad65
ID: 18861822
ugh.  Static routes.  I'll bet real money that's it.  I do have one on the 2000 server.  I forgot all about it.  I won't know until tuesday, as the UK has holidays until then, but that's got to be it.  Excellent.  Thanks!
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

From Cisco ASA version 8.3, the Network Address Translation (NAT) configuration has been completely redesigned and it may be helpful to have the syntax configuration for both at a glance. You may as well want to read official Cisco published AS…
Let’s list some of the technologies that enable smooth teleworking. 
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now