Solved

Routing to another device on another network joined by private VPN

Posted on 2011-03-17
7
539 Views
Last Modified: 2012-05-11
Hi all,

We have a IP KVM that is at another site which we want to use for troubleshooting should we need to remotely get into the bios of a server.

The two sites are joined by a cisco 1800 series VPN supplied by a telco vendor.  We can get to the server on the remote side as we have added a persisent route (i.e route -p with specifics) onto the server.

The ip kvm we arent so lucky.  How do i go about being able to contact this IP KVM from the remote site through this router?  Once of the cisco's is the main gateway where the IP KVM is and on the other side its just a router for VPN purposes.

Thanks in advance.
0
Comment
Question by:msha094
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 33

Expert Comment

by:MikeKane
ID: 35162649
Usually, you would need to add the subnet of the KVM to the ACL you use for the VPN's address match so that the KVM subnet is swept into the VPN tunnel?  

0
 
LVL 8

Expert Comment

by:dosdet2
ID: 35169466
I can't picture your setup from your description.  Can you clarify - or better yet, post a simple diagram?

This is what I got:

Site_1 computer -> switch -> Telco_Router  -> VPN / Internet  -> Telco_Router  ->

Switch -> Server
           -> Workstations
           -> KVM

Is that accurate?
0
 

Author Comment

by:msha094
ID: 35169541
Yes correct, not that it matters but the telco routers don't supply Internet, simply a VPN between sites. Site 1 uses a different gateway hence why I have had to put in routes to the remote site pointing through the telco routers.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 8

Accepted Solution

by:
dosdet2 earned 500 total points
ID: 35169649
See Diagram.
If this is correct, then this is what needs to happen.
Assuming that:
site-1 = 10.1.1.0 /24
site-2 = 10.2.2.0 /24
R-1 = 10.1.1.1
R-2 = 10.2.2.1
Telco-router/ site-1 = 10.1.1.200
Telco-router/ site-2 = 10.2.2.200
KVM device has an address within the 10.2.2.0/24 subnet


The workstation at site 1 has a default gateway of 10.1.1.1
Server has default gateway of 10.2.2.1
R-1 needs a static route: dest=10.2.2.0/24  next hop=10.1.1.200
R-2 needs a static route: dest=10.1.1.0/24  next hop=10.2.2.200

The internet routers have a lot to do with the connection because they are the default gateways and packets must go there first if they are headed for an Ip address outside the current subnet.

If my diagram is inaccurate, then we will need to tweak my answer.
It will also depend on what kind of VPN you have (ip translation?)
Let us know.


2-Sites-w-VPN.JPG
0
 

Author Comment

by:msha094
ID: 35169682
Almost right except for no r2 at site two due to the internet being routed through internet access router site 1 with a static route of 192.168.20.0 255.255.255.0 192.168.30.251 in that router.  Which is i guess the next hop route you mentioned as the telco router is 30.251.

site 1 is 192.168.30.x with 2 internet gateways - 30.254 is the server gateway which in this case is the r1 in the diagram.   The other gateway 30.253 is used by the client PC's only.

0
 

Author Comment

by:msha094
ID: 35169694
The telco VPN setup is a special service provider providing just a link and no internet due to the contraints of the site where the branch is located.  normally that r2 would also provide internet access for us.
0
 

Author Comment

by:msha094
ID: 35186493
Solution - my IP KVM device had two spots for the default gateway of which one wasnt populated.  Once putting in correct gateway i could ping the device and access it from the other site.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A safe way to clean winsxs folder from your windows server 2008 R2 editions
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question