Solved

Need assistance with Cradlepoint VPN routing

Posted on 2014-02-19
5
1,471 Views
Last Modified: 2014-02-27
Hello Experts - I'm having some trouble with a disaster recovery site that is being tested.  I'm using a Cradlepoint MBR 1400 (http://www.cradlepoint.com/products/branch-office-retail-pos/arc-mbr1400-series-with-integrated-3g-4g) which is configured with a VPN to my DR site.  On the DR side is a Cisco ASA 5510.  In addition to the DR VPN the 5510 is configured with two additional VPNs to another company which hosts on the DR side need to reach.  I've been on the phone with Cisco and the problem appears to be that requests made from a host on the DR VPN to either of the other two VPNs are not making it across the tunnel.  I have the network ranges I am trying to reach setup in the Cradlepoint VPN configuration under "Remote Networks" as seen in the attached screenshot.

Screenshot
Could anyone point me in the right direction?  I must be missing something basic but haven't been able to figure it out on my own.
0
Comment
Question by:First Last
  • 3
  • 2
5 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39872410
I'm not much help with Cisco configs, but I do use a similar cradlepoint VPN to a sonicwall. I had some clarifying questions:
So the cradlepoint has a VPN to dr. Dr has a VPN to remote1 and remote2
When you are on the cradlepoint you can reach dr but not remote1 and remote2 correct?
What about the computers at dr, can they talk to remote1 or remote2?
0
 
LVL 1

Author Comment

by:First Last
ID: 39873401
Hi Aaron

You have it exactly right.  Computers at the DR site can talk to both remote sites.  Basically I'm not seeing traffic destined for the remote sites making it across the VPN.  I called Cradlepoint yesterday and explained the problem.  The tech showed me the IP summary screen where there was a private 10.x.x.x address showing.  He seemed to think that this was what is preventing the routing from working properly but that doesn't make much sense because the tunnel itself is up and I can reach hosts there, just not to the other remote VPNs.
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39875403
I'm at a loss. Either the cradlepoint isn't sending the traffic (like its a bug), or the cisco isn't allowing the traffic through (configuration).

Since both companies blame each other...
0
 
LVL 1

Author Comment

by:First Last
ID: 39876625
The plot thickens!  I'm finding that its only public IP addresses that aren't being routed across the tunnel.  As an example, one of the addresses I need to go across the tunnel is for a company called Ensenta.  They require that we come from a specific IP address when accessing their administrative portal.  So to do that I need the traffic to go across the tunnel then out to the internet so that Ensenta sees us coming from the correct address.  No matter what I've tried this address refuses to route across the VPN and instead the Cradlepoint seems to just drop the traffic.
0
 
LVL 39

Accepted Solution

by:
Aaron Tomosky earned 500 total points
ID: 39877980
So maybe cradlepoint has a bug/feature that the networks list is only checked for private ranges?

Can you just push all traffic over the tunnel?
0

Featured Post

Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
sonicwall content filter on vpn 13 42
Windows PE .WIM files WDS issue 4 32
Connection Dropouts to Database on Windows Server 2008 R2 DFS 12 23
Price for Fiber 13 33
In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question