Accessing remote networks over Windows VPN without 'Use remote default gateway' being checked.
Posted on 2013-01-03
I have two locations set up with a Cisco VPN tunnel. Location A (192.168.12.0/255.255.255.0) and location B (192.168.13.0/255.255.255.0). The tunnel works perfectly, and has no issues.
There is a server at each location:
Location A: SBS 2011
Location B: 2008 R2 Std
RRAS is set up on both servers at both locations, for speed and redundancy (upload speed at Location B is much faster than Location A). E-mail is hosted on-site at Location A (Exchange 2010), as well as some printers, and network shares. Location B only hosts a few printers and a share.
The problem is when accessing the VPN on Location B, I am unable to access e-mail or anything at Location A only when 'Use default gateway on remote network' is unchecked on the client's Windows VPN. This was unchecked due to the limited bandwidth at each location, and it allows remote users to use their own bandwidth for everything EXCEPT network resources. The problem with this being unchecked is there is no route to Location A when connected to the VPN @ Location B (and vice versa). The only real complaint is not being able to access e-mail while connected to the VPN at Location B, but in reality nothing is accessible at Location A (because it's attempting to access the resources using the LAN IP @ Location A (192.168.12.x), but since the VPN is NOT using the default gateway (as stated above), the user has no route to the remote location). If I add a static route on the machine from the command prompt (route add 192.168.12.0 mask 255.255.255.0 192.168.13.1 metric 1) on ANY remote computer connecting to Location B VPN, I'm able to get to Location A (obviously) without having 'Use default gateway on remote network' checked... This is NOT a solution. There has to be a way to do this via RRAS. I've even attempted adding a Static Route in RRAS on Location B's server with the same settings - did not work.
In short - I want to be able to access Location A + B from either the A or B VPN without having 'Use default gateway on remote network' checked on clients, to avoid unnecessary bandwidth usage from remote users.
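The route selection behind the symptom described in the post, as an added example that is not part of the original post: a longest-prefix-match lookup over a modelled client routing table, showing that with split tunnelling traffic for 192.168.12.x leaves through the client's own LAN gateway instead of the tunnel. The home LAN (10.0.0.0/24, gateway 10.0.0.1), the interface names, the metrics 25 and 11, and the assumption that the VPN adapter only installs a route for 192.168.13.0/24 are constructed for illustration; the static route is the one quoted in the post.

```python
import ipaddress
from typing import NamedTuple, Optional


class Route(NamedTuple):
    network: ipaddress.IPv4Network
    gateway: str
    interface: str
    metric: int


def make_route(cidr: str, gateway: str, interface: str, metric: int) -> Route:
    return Route(ipaddress.ip_network(cidr), gateway, interface, metric)


def lookup(table: list, destination: str) -> Optional[Route]:
    """Pick the route as an IP stack does: longest prefix, then lowest metric."""
    dest = ipaddress.ip_address(destination)
    candidates = [r for r in table if dest in r.network]
    if not candidates:
        return None
    return max(candidates, key=lambda r: (r.network.prefixlen, -r.metric))


def egress(table: list, destination: str) -> Optional[str]:
    """Name of the interface the packet would leave on, or None if unroutable."""
    route = lookup(table, destination)
    return route.interface if route else None


# Constructed table: client dialled in to Location B, remote gateway unchecked.
SPLIT_TUNNEL = [
    make_route("0.0.0.0/0", "10.0.0.1", "home-lan", 25),     # client's own ISP
    make_route("10.0.0.0/24", "on-link", "home-lan", 25),
    make_route("192.168.13.0/24", "on-link", "vpn-b", 11),   # only Location B
]

# Same table after the command from the post:
# route add 192.168.12.0 mask 255.255.255.0 192.168.13.1 metric 1
WITH_STATIC_ROUTE = SPLIT_TUNNEL + [
    make_route("192.168.12.0/24", "192.168.13.1", "vpn-b", 1),
]

# 'Use default gateway on remote network' checked: a lower-metric default via the VPN.
FULL_TUNNEL = SPLIT_TUNNEL + [make_route("0.0.0.0/0", "on-link", "vpn-b", 11)]

if __name__ == "__main__":
    tables = {"split": SPLIT_TUNNEL, "static": WITH_STATIC_ROUTE, "full": FULL_TUNNEL}
    for name, table in tables.items():
        for dest in ("192.168.13.10", "192.168.12.10", "8.8.8.8"):
            print(f"{name:7} {dest:15} -> {egress(table, dest)}")
```

In the split-tunnel table the Exchange server's 192.168.12.x address matches only the default route, so the packets go to the client's local gateway and never enter the tunnel.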