Solved

site to site vpn ping

Posted on 2013-07-01
5
260 Views
Last Modified: 2013-09-05
I created a VPN tunnel using ipsec between rras 2008 and a sonicwall.  tunnel comes up fine but i cant ping devices on either network.

i setup static routes as follows but it did not make a difference.

int:wan

dest: remote network

sm: /24

gw: remote ip of vpn gw

I am not sure if this is relevant but when i enable nat the tunnel doesnt come up.  Hopefully someone can point me in the right direction.  Thanks
0
Comment
Question by:Kylo Ren
  • 3
  • 2
5 Comments
 
LVL 20

Expert Comment

by:carlmd
ID: 39292668
As a part of the setup you would normally have to define what networks are accessible via the tunnel, at each end. Did you do anything like that?
0
 
LVL 4

Author Comment

by:Kylo Ren
ID: 39292765
yea definetly.  Before i installed the static routes i created a ip sec policy similar to the example below.

Local GW: Public IP
Local Subnet: 192.168.0.0/24
Remote GW: Public IP
Remote Subnet: 192.168.1.0/24

Tunnel appears to be fine (ike phase 1&2 SA's are visible) but no matter i can't route any traffic through it.
0
 
LVL 20

Expert Comment

by:carlmd
ID: 39292837
If you have the option, I would change the subnet on one end from the 192.168.x.x to one of the other non routable ranges (10.0.x.x or 172.16.x.x.).
0
 
LVL 4

Author Comment

by:Kylo Ren
ID: 39292846
ok no furtunately i dont have that option so is there a work around? anything that i can test for to see where the issue lies?
0
 
LVL 20

Accepted Solution

by:
carlmd earned 500 total points
ID: 39292886
Try running a traceroute and see how far it gets.

Also, take a look at the following to insure you configuration is correct.

http://technet.microsoft.com/en-us/library/dd469733.aspx
0

Featured Post

New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

Join & Write a Comment

I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now