site to site vpn ping

Posted on 2013-07-01
Medium Priority
Last Modified: 2013-09-05
I created a VPN tunnel using ipsec between rras 2008 and a sonicwall.  tunnel comes up fine but i cant ping devices on either network.

i setup static routes as follows but it did not make a difference.


dest: remote network

sm: /24

gw: remote ip of vpn gw

I am not sure if this is relevant but when i enable nat the tunnel doesnt come up.  Hopefully someone can point me in the right direction.  Thanks
Question by:Kylo Ren
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 20

Expert Comment

ID: 39292668
As a part of the setup you would normally have to define what networks are accessible via the tunnel, at each end. Did you do anything like that?

Author Comment

by:Kylo Ren
ID: 39292765
yea definetly.  Before i installed the static routes i created a ip sec policy similar to the example below.

Local GW: Public IP
Local Subnet:
Remote GW: Public IP
Remote Subnet:

Tunnel appears to be fine (ike phase 1&2 SA's are visible) but no matter i can't route any traffic through it.
LVL 20

Expert Comment

ID: 39292837
If you have the option, I would change the subnet on one end from the 192.168.x.x to one of the other non routable ranges (10.0.x.x or 172.16.x.x.).

Author Comment

by:Kylo Ren
ID: 39292846
ok no furtunately i dont have that option so is there a work around? anything that i can test for to see where the issue lies?
LVL 20

Accepted Solution

carlmd earned 1500 total points
ID: 39292886
Try running a traceroute and see how far it gets.

Also, take a look at the following to insure you configuration is correct.


Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question