Solved

site to site vpn ping

Posted on 2013-07-01
5
266 Views
Last Modified: 2013-09-05
I created a VPN tunnel using ipsec between rras 2008 and a sonicwall.  tunnel comes up fine but i cant ping devices on either network.

i setup static routes as follows but it did not make a difference.

int:wan

dest: remote network

sm: /24

gw: remote ip of vpn gw

I am not sure if this is relevant but when i enable nat the tunnel doesnt come up.  Hopefully someone can point me in the right direction.  Thanks
0
Comment
Question by:Kylo Ren
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 20

Expert Comment

by:carlmd
ID: 39292668
As a part of the setup you would normally have to define what networks are accessible via the tunnel, at each end. Did you do anything like that?
0
 
LVL 5

Author Comment

by:Kylo Ren
ID: 39292765
yea definetly.  Before i installed the static routes i created a ip sec policy similar to the example below.

Local GW: Public IP
Local Subnet: 192.168.0.0/24
Remote GW: Public IP
Remote Subnet: 192.168.1.0/24

Tunnel appears to be fine (ike phase 1&2 SA's are visible) but no matter i can't route any traffic through it.
0
 
LVL 20

Expert Comment

by:carlmd
ID: 39292837
If you have the option, I would change the subnet on one end from the 192.168.x.x to one of the other non routable ranges (10.0.x.x or 172.16.x.x.).
0
 
LVL 5

Author Comment

by:Kylo Ren
ID: 39292846
ok no furtunately i dont have that option so is there a work around? anything that i can test for to see where the issue lies?
0
 
LVL 20

Accepted Solution

by:
carlmd earned 500 total points
ID: 39292886
Try running a traceroute and see how far it gets.

Also, take a look at the following to insure you configuration is correct.

http://technet.microsoft.com/en-us/library/dd469733.aspx
0

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
vpn to Azure 2 24
Port# 500 and 4500 not open by ISP 10 82
Tool to test the firewall  protection 9 86
VPN - Site to Site  not decapsulating (ASA-Sophos XG85) 1 30
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
An article on effective troubleshooting
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question