Solved

Routing to another device on another network joined by private VPN

Posted on 2011-03-17
7
533 Views
Last Modified: 2012-05-11
Hi all,

We have a IP KVM that is at another site which we want to use for troubleshooting should we need to remotely get into the bios of a server.

The two sites are joined by a cisco 1800 series VPN supplied by a telco vendor.  We can get to the server on the remote side as we have added a persisent route (i.e route -p with specifics) onto the server.

The ip kvm we arent so lucky.  How do i go about being able to contact this IP KVM from the remote site through this router?  Once of the cisco's is the main gateway where the IP KVM is and on the other side its just a router for VPN purposes.

Thanks in advance.
0
Comment
Question by:msha094
  • 4
  • 2
7 Comments
 
LVL 33

Expert Comment

by:MikeKane
ID: 35162649
Usually, you would need to add the subnet of the KVM to the ACL you use for the VPN's address match so that the KVM subnet is swept into the VPN tunnel?  

0
 
LVL 8

Expert Comment

by:dosdet2
ID: 35169466
I can't picture your setup from your description.  Can you clarify - or better yet, post a simple diagram?

This is what I got:

Site_1 computer -> switch -> Telco_Router  -> VPN / Internet  -> Telco_Router  ->

Switch -> Server
           -> Workstations
           -> KVM

Is that accurate?
0
 

Author Comment

by:msha094
ID: 35169541
Yes correct, not that it matters but the telco routers don't supply Internet, simply a VPN between sites. Site 1 uses a different gateway hence why I have had to put in routes to the remote site pointing through the telco routers.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 8

Accepted Solution

by:
dosdet2 earned 500 total points
ID: 35169649
See Diagram.
If this is correct, then this is what needs to happen.
Assuming that:
site-1 = 10.1.1.0 /24
site-2 = 10.2.2.0 /24
R-1 = 10.1.1.1
R-2 = 10.2.2.1
Telco-router/ site-1 = 10.1.1.200
Telco-router/ site-2 = 10.2.2.200
KVM device has an address within the 10.2.2.0/24 subnet


The workstation at site 1 has a default gateway of 10.1.1.1
Server has default gateway of 10.2.2.1
R-1 needs a static route: dest=10.2.2.0/24  next hop=10.1.1.200
R-2 needs a static route: dest=10.1.1.0/24  next hop=10.2.2.200

The internet routers have a lot to do with the connection because they are the default gateways and packets must go there first if they are headed for an Ip address outside the current subnet.

If my diagram is inaccurate, then we will need to tweak my answer.
It will also depend on what kind of VPN you have (ip translation?)
Let us know.


2-Sites-w-VPN.JPG
0
 

Author Comment

by:msha094
ID: 35169682
Almost right except for no r2 at site two due to the internet being routed through internet access router site 1 with a static route of 192.168.20.0 255.255.255.0 192.168.30.251 in that router.  Which is i guess the next hop route you mentioned as the telco router is 30.251.

site 1 is 192.168.30.x with 2 internet gateways - 30.254 is the server gateway which in this case is the r1 in the diagram.   The other gateway 30.253 is used by the client PC's only.

0
 

Author Comment

by:msha094
ID: 35169694
The telco VPN setup is a special service provider providing just a link and no internet due to the contraints of the site where the branch is located.  normally that r2 would also provide internet access for us.
0
 

Author Comment

by:msha094
ID: 35186493
Solution - my IP KVM device had two spots for the default gateway of which one wasnt populated.  Once putting in correct gateway i could ping the device and access it from the other site.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Radius Debug Error 16 54
Server 2008 R2 Datacenter Repair OS 20 43
The purpose of using BGP 33 72
Remove LogMeIn from machines at user login 5 59
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now