
RRAS and Site-to-site Routing


  • RRAS and Site-to-site Routing

    I sincerely hope this makes sense to someone who can point me in the right direction.

    I manage three office networks that are all joined together with three SonicWall devices. The three SonicWalls form sort of a 6-point site-to-site which allows all 3 locations to see each other.

    In one location, I house the majority of our services: Exchange, web, postfix, sftp, RRAS VPN, etc. This particular location has a fast fiber connection which makes it the obvious choice to house these services. The other two locations are just basic business connections with the local cable providers, nothing special.

    Here is an example of my subnetting:
    Location 1:
    Location 2:
    Location 3:

    My RRAS server, for example, sits at in Location 1. This server, as does anything else in this network, can ping anything in the other 2 subnets in the other 2 locations with no problems.

    The challenge I'm having is with the RRAS clients. Now, if I log into the RRAS server with a Windows XP machine, for example, by default, I can see all 3 locations... this is with using the default gateway on the remote network.

    What I'm trying to do is to NOT route all internet traffic through RRAS, since this causes more bandwidth usage than is necessary. So, on the client side, I disable the remote gateway, but then can only see the subnet.

    If I "route add mask" (2.50 being the IP given to the RRAS client), I can then ping the network.

    There are many problems with this, though. One is that my client will not always get that IP, and I can't have my end users setting manual static routes, even if I set their RRAS IP static and give them a batch file... that's way too much overhead.

    I'm afraid that I may be stuck without a solution, since the only way to accomplish this may be with a client-side-only solution. I've been trying to wrap my head around static routing within the RRAS MMC console as well as through Active Directory in the "dial in" tab, but to no avail as of yet.

    Anyone have any advice?

  • #2
    Re: RRAS and Site-to-site Routing

    One solution would be to use a Cisco PIX/ASA, have the Cisco VPN client installed, and set up split tunneling; this will resolve your issue. I haven't played with RRAS enough to see if there is a way to fix the issue.

    Here is a document on split tunneling for RRAS

    The Classless Static Routes DHCP Option seems like the best option for you; the link contains some info on how to configure it with DHCP.
    Last edited by ikon; 16th October 2009, 10:03.
    MCSE 2003; MCTS Vista; Sec+; CCNA
    Attitude Makes The Difference!
    in other words you got to WANT to do it..
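
The Classless Static Routes DHCP option recommended in post #2 is option 121, defined in RFC 3442. The following is an added example, not part of the original thread or any poster's code: it encodes and decodes the option payload and checks that no default route is pushed, which is the property that keeps the tunnel split. The subnets and gateway are constructed placeholders, because the poster's addresses are not shown on the page.

```python
import ipaddress

OPTION_CLASSLESS_STATIC_ROUTE = 121  # option code assigned by RFC 3442

# Constructed sample: two remote office subnets reached through the VPN site.
SAMPLE_ROUTES = [("10.20.0.0/24", "10.10.0.1"), ("10.30.0.0/24", "10.10.0.1")]

def encode_routes(routes):
    """Encode [(destination_cidr, gateway)] as an RFC 3442 option payload."""
    out = bytearray()
    for cidr, gateway in routes:
        net = ipaddress.ip_network(cidr, strict=True)  # rejects host bits
        if net.version != 4:
            raise ValueError("RFC 3442 carries IPv4 routes only")
        significant = (net.prefixlen + 7) // 8  # only octets the mask covers
        out.append(net.prefixlen)
        out += net.network_address.packed[:significant]
        out += ipaddress.IPv4Address(gateway).packed
    if len(out) > 255:
        raise ValueError("payload exceeds a single DHCP option (255 bytes)")
    return bytes(out)

def decode_routes(payload):
    """Parse a payload into [(cidr, gateway)]; raise ValueError if malformed."""
    routes, i = [], 0
    while i < len(payload):
        width = payload[i]
        if width > 32:
            raise ValueError(f"invalid prefix length {width} at offset {i}")
        significant = (width + 7) // 8
        end = i + 1 + significant + 4
        if end > len(payload):
            raise ValueError("truncated route descriptor")
        # Pad the compressed destination back to four octets.
        dest = payload[i + 1:i + 1 + significant] + bytes(4 - significant)
        net = ipaddress.ip_network(f"{ipaddress.IPv4Address(dest)}/{width}")
        gateway = ipaddress.IPv4Address(payload[end - 4:end])
        routes.append((str(net), str(gateway)))
        i = end
    return routes

def pushes_default_route(payload):
    """True if the option would send all client traffic through the gateway."""
    return any(cidr == "0.0.0.0/0" for cidr, _ in decode_routes(payload))

if __name__ == "__main__":
    blob = encode_routes(SAMPLE_ROUTES)
    print(OPTION_CLASSLESS_STATIC_ROUTE, blob.hex(), decode_routes(blob))
```
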


    • #3
      Re: RRAS and Site-to-site Routing

      Sorry for the late reply, been trying to catch up on other things. I will definitely look into split tunneling a bit more, but I'm not sure that using a Cisco device would be an option. Cost is definitely an issue and it would be hard to justify it.

      I was hoping to find some sort of solution that would automatically create the static route on the client side when the connection is made, but it looks like I might be dreaming on that one.