Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Routing to another device on another network joined by private VPN

Posted on 2011-03-17
7
Medium Priority
?
551 Views
Last Modified: 2012-05-11
Hi all,

We have a IP KVM that is at another site which we want to use for troubleshooting should we need to remotely get into the bios of a server.

The two sites are joined by a cisco 1800 series VPN supplied by a telco vendor.  We can get to the server on the remote side as we have added a persisent route (i.e route -p with specifics) onto the server.

The ip kvm we arent so lucky.  How do i go about being able to contact this IP KVM from the remote site through this router?  Once of the cisco's is the main gateway where the IP KVM is and on the other side its just a router for VPN purposes.

Thanks in advance.
0
Comment
Question by:msha094
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 33

Expert Comment

by:MikeKane
ID: 35162649
Usually, you would need to add the subnet of the KVM to the ACL you use for the VPN's address match so that the KVM subnet is swept into the VPN tunnel?  

0
 
LVL 8

Expert Comment

by:dosdet2
ID: 35169466
I can't picture your setup from your description.  Can you clarify - or better yet, post a simple diagram?

This is what I got:

Site_1 computer -> switch -> Telco_Router  -> VPN / Internet  -> Telco_Router  ->

Switch -> Server
           -> Workstations
           -> KVM

Is that accurate?
0
 

Author Comment

by:msha094
ID: 35169541
Yes correct, not that it matters but the telco routers don't supply Internet, simply a VPN between sites. Site 1 uses a different gateway hence why I have had to put in routes to the remote site pointing through the telco routers.
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 
LVL 8

Accepted Solution

by:
dosdet2 earned 2000 total points
ID: 35169649
See Diagram.
If this is correct, then this is what needs to happen.
Assuming that:
site-1 = 10.1.1.0 /24
site-2 = 10.2.2.0 /24
R-1 = 10.1.1.1
R-2 = 10.2.2.1
Telco-router/ site-1 = 10.1.1.200
Telco-router/ site-2 = 10.2.2.200
KVM device has an address within the 10.2.2.0/24 subnet


The workstation at site 1 has a default gateway of 10.1.1.1
Server has default gateway of 10.2.2.1
R-1 needs a static route: dest=10.2.2.0/24  next hop=10.1.1.200
R-2 needs a static route: dest=10.1.1.0/24  next hop=10.2.2.200

The internet routers have a lot to do with the connection because they are the default gateways and packets must go there first if they are headed for an Ip address outside the current subnet.

If my diagram is inaccurate, then we will need to tweak my answer.
It will also depend on what kind of VPN you have (ip translation?)
Let us know.


2-Sites-w-VPN.JPG
0
 

Author Comment

by:msha094
ID: 35169682
Almost right except for no r2 at site two due to the internet being routed through internet access router site 1 with a static route of 192.168.20.0 255.255.255.0 192.168.30.251 in that router.  Which is i guess the next hop route you mentioned as the telco router is 30.251.

site 1 is 192.168.30.x with 2 internet gateways - 30.254 is the server gateway which in this case is the r1 in the diagram.   The other gateway 30.253 is used by the client PC's only.

0
 

Author Comment

by:msha094
ID: 35169694
The telco VPN setup is a special service provider providing just a link and no internet due to the contraints of the site where the branch is located.  normally that r2 would also provide internet access for us.
0
 

Author Comment

by:msha094
ID: 35186493
Solution - my IP KVM device had two spots for the default gateway of which one wasnt populated.  Once putting in correct gateway i could ping the device and access it from the other site.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question