asked on

Site to Site VPN

I'm trying to get a site to site VPN using Draytek 2820 routers setup as follows.

Site A
LAN 192.168.1.0 / 24 Default router on 192.168.1.1 VPN Router on 192.168.1.2
Connected to ADSL via NAT and single static IP

Site B
LAN 192.168.2.0 /24 Default router 192.168.2.1
Connected to ADSL via NAT and single static IP

The VPN is active and I can ping from the ping diagnostics on the router at site A to 192.168.1.2 at site B but I can't ping anything on the LAN at Site A from Site B

Do I need to add some other routes somewhere?

anand_mj

Use no nat for VPN traffic

Milkybar-kid

ASKER

There is no problem with the VPN connection. It is a routing issue. I have configured these devices using NAT before. What difference will no nat make? Care to expand to help me reolve this?

ASKER CERTIFIED SOLUTION

gjdonkeh

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Milkybar-kid

ASKER

What routes should I add ?

James

The best way of diagnosing the problem would be to view the route table information on the problematic site. Go to the command prompt > type route print > this will display the route table information. The next step would be to try tracert at the command. This will tell you where the point of failure is. You may need to add persistant routes. Also, you could try adding static entries to the host file on a PC and then check to see if you can ping. The problem could be down to dns resolution. An important point to note, make sure the firmware on both routers is up to date.

Qlemo

No need for diagnosis. The default gateway on site A does not know how to route 192.168.2.0. Just add the route there, and you should be set.