[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 249
  • Last Modified:

VPN unable to access both sites on network.

Windows 2003

I have 2 sites in my network connected by a Site-to-Site VPN.

Site A:
   IP Address. . . . . . . . . . . . : 192.168.1.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.152.2
                                                 207.69.188.171
   Primary WINS Server . . . . . . . : 192.168.152.2

Site B:
   IP Address. . . . . . . . . . . . : 192.168.152.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.152.1
   DNS Servers . . . . . . . . . . . : 192.168.152.2
 

When I am in the  office I can connect to both sites with no problem.

However, When I work remotely and VPN into SIte A, which contains my RRAS server I am unable to hit anything on Site B. I am able to access all resourses on Site A when connected to the VPN. I cannot ping anything on Site B, by IP or name.

Any ideas?
0
Biziteks
Asked:
Biziteks
  • 4
  • 3
  • 2
1 Solution
 
t_swartzCommented:
Are you allowing those vpn connections to route traffic to the 192.168.152.0 network? By default it is probably only going to allow access to the local lan.
0
 
BiziteksAuthor Commented:
How do I allow access to those networks in RRAS?
0
 
BiziteksAuthor Commented:
Here is the ipconfig from the workstation when VPN'nd into the network

PPP adapter FLPRess:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : FLPRess
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.151(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 192.168.152.2
                                       207.69.188.171
   Primary WINS Server . . . . . . . : 192.168.152.2
   NetBIOS over Tcpip. . . . . . . . : Enabled
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
bkellyboulderitCommented:
Do you have "use gateway on remote network" checked or unchecked?

You may need to a static route on your PC to get to those resources. Your PC may not know the route to the remote resources from the VPN.

route [-p] add <destination> mask <subnet mask> <gateway>

http://www.windowsitpro.com/Articles/ArticleID/27171/27171.html?Ad=1

http://technet2.microsoft.com/windowsserver/en/library/86375729-e3f7-4441-bba7-79e3f1c1f5db1033.mspx?mfr=true
http://technet2.microsoft.com/windowsserver/en/library/1b70259f-158b-41b6-b105-7d1f14edb2421033.mspx?mfr=true
0
 
t_swartzCommented:
http://support.microsoft.com/kb/323441

I haven't used the rras in years, I install Cisco firewalls and routers to handle this. The articel should aim you in the right direction, and maybe someon else can add something. In looking at the config, when you connect via the vpn, are you getting a default gateway address? You'll need that in order to hit anything outside the local network.
0
 
BiziteksAuthor Commented:
When I look at my IP assigned by RRAS it does not show a gateway, I have use remote gateway unchecked. I just tried it with Remote Gateway checked and was able to ping the other servers.
0
 
bkellyboulderitCommented:
Does that mean it's working properly?
0
 
BiziteksAuthor Commented:
Yes sir, Checking the remote gateway box seems to have done the trick. I usually uncheck this since I prefer to use my own internet connection instead of routing out through the VPN gateway. However, in this case it bit me in arse. Thanks!
0
 
bkellyboulderitCommented:
:-) Yeah! Now it may possible to have it both ways if you do the route command correctly, but I'm not a routing guru. You'd have to figure that out...
basically a route to say traffic destined for the range of IP's you want routed through the tunnel....
However, it's still easy enough to toggle the checkbox....
0

Featured Post

Granular recovery for Microsoft Exchange

With Veeam Explorer for Microsoft Exchange you can choose the Exchange Servers and restore points you’re interested in, and Veeam Explorer will present the contents of those mailbox stores for browsing, searching and exporting.

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now