Unable to Access Remote Server's Default Gateway Through VPN (RRAS)

  • Unable to Access Remote Server's Default Gateway Through VPN (RRAS)

    I set up a PPTP site-to-site tunnel using 2 Windows servers using RRAS. Everything works fine for the most part; computers within LAN A (192.168.1.0/24) can communicate with computers in LAN B (192.168.0.0/24) through the VPN tunnel. My problem is that computers on LAN A cannot access the router’s gateway on LAN B (192.168.0.1) and computers on LAN B cannot access the default gateway on LAN A (192.168.1.1).

    I don’t see a problem with the routes and the server on LAN A can access the default gateway on LAN B and the server on LAN B can access the default gateway on LAN A.

    Running “tracert 192.168.1.1” on LAN B from the server reaches the default gateway in 2 hops. The first hop hits the server on the other side of the tunnel and the second hop hits the default gateway (192.168.1.1).

    Code:
    Tracing route to 192.168.1.1 over a maximum of 30 hops
    
      1   242 ms   253 ms   238 ms  MASKDC-FSC [192.168.1.120]
      2   239 ms   243 ms   238 ms  192.168.1.1
    
    Trace complete.

    But from any other computer on LAN B the first hop hits the server on LAN B, the second hop hits the server on LAN A and then “Request timed out” repeats until the command is terminated.

    Code:
    Tracing route to 192.168.1.1 over a maximum of 30 hops
    
      1    <1 ms     *       <1 ms  mask-server.mask-domain.local [192.168.0.2]
      2   269 ms   225 ms   227 ms  MASKDC-FSC [192.168.1.120]
      3     *        *        *     Request timed out.
      4     *        *        *     Request timed out.
      5     *        *        *     Request timed out.
      6     *        *        *     Request timed out.
      7     *        *        *     Request timed out.
      8     *        *        *     Request timed out.
      9     *        *        *     Request timed out.

    FYI, I need to access the default gateway through the tunnel because the remote site has multiple subnets that I can only access via that gateway.

    Thanks in advance!

  • #2
    Re: Unable to Access Remote Server's Default Gateway Through VPN (RRAS)

    I figured it out. Problem solved!

    I had assumed it was not a routing issue because the servers were able to ping the gateway across the tunnel, but after using Wireshark I noticed that the source address on each packet from the server had actually used an address within the subnet on the other side of the tunnel. After noticing this, I realized that I needed a static route on the default gateway router in addition to (/replacement of) the static routes on each LAN computer.

    I should have figured this out much sooner; I guess I just needed to be shoved in the right direction!
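
The return-path problem described in #2, modeled as an added example (not part of the original posts): a longest-prefix-match lookup on the LAN A gateway shows why its replies to LAN B clients never came back through the tunnel until the static route was added. The gateway tables, the `isp-uplink` label and the two source addresses are constructed for illustration; 192.168.1.120 is the LAN A server seen in the tracert output.

```python
import ipaddress

RRAS_A = "192.168.1.120"  # LAN A RRAS server (from the tracert output)

def next_hop(table, dst):
    """Longest-prefix match over (prefix, next_hop) pairs; None if no route."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), nh) for p, nh in table
            if addr in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def reply_returns(table, src):
    """True if the gateway's reply to src is delivered toward the tunnel.

    'on-link' counts as delivered. Assumption: the RRAS server answers on
    LAN A for the tunnel-assigned address it uses as its source.
    """
    return next_hop(table, src) in ("on-link", RRAS_A)

def missing_return_routes(table, remote_prefixes):
    """Remote prefixes the gateway would not send back via RRAS_A.

    Coarse check: only the first host of each prefix is looked up.
    """
    bad = []
    for p in remote_prefixes:
        first_host = str(next(iter(ipaddress.ip_network(p).hosts())))
        if next_hop(table, first_host) != RRAS_A:
            bad.append(p)
    return bad

# Hypothetical routing table of the LAN A gateway (192.168.1.1) before the fix.
GW_BEFORE = [("192.168.1.0/24", "on-link"), ("0.0.0.0/0", "isp-uplink")]
# After the fix: static route for LAN B via the local RRAS server.
GW_AFTER = GW_BEFORE + [("192.168.0.0/24", RRAS_A)]

SERVER_B_SRC = "192.168.1.130"  # constructed: tunnel address inside LAN A's subnet
CLIENT_B_SRC = "192.168.0.50"   # constructed: ordinary LAN B workstation

if __name__ == "__main__":
    for name, table in (("before", GW_BEFORE), ("after", GW_AFTER)):
        print(name,
              "server:", reply_returns(table, SERVER_B_SRC),
              "client:", reply_returns(table, CLIENT_B_SRC),
              "missing:", missing_return_routes(table, ["192.168.0.0/24"]))
```

Passing every remote subnet that must be reachable through the tunnel to `missing_return_routes` lists the ones the gateway still lacks a return route for.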



    • #3
      Re: Unable to Access Remote Server's Default Gateway Through VPN (RRAS)

      Well done, and thanks for posting your solution!
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **
