L2TP/IPSEC SITE TO SITE VPN Issues


  • L2TP/IPSEC SITE TO SITE VPN Issues

    Hello,
    I currently have two VPN servers with Windows 2003 Server R2. One is a VM Machine while the other is a physical server. Each server has one NIC configured with a local IP, local DNS, and local gateway (Netgear Router) assigned. The main site has port forwarding enabled directed at the VPN server and has a local network ID of 192.168.1.0. The remote site has port forwarding enabled directed at the remote VPN server and has a local network ID of 192.68.2.0. All certificates are installed on each machine and the demand-dial interface is up and running. From the main site VPN server I can access the remote network resources and vice versa. The problem I have is that these two servers are the only ones that communicate with each other. For example, on one of the main site computers I try to ping the other network and I get no response, nor can I access shares. Like I said before, each server has one NIC installed and they have direct access to their respective networks. There are no perimeter networks on each side. The basic network setup is a router with port forwarding of UDP 500 and UDP 4500 ports to the VPN servers. What I want is for every computer on both networks to be able to access each other's resources. I suspect it's because I have one NIC installed on each VPN server. Can you guys please help?

    Thanks
    Last edited by biggles77; 18th October 2008, 06:23. Reason: Unwarranted link removed.

  • #2
    Re: L2TP/IPSEC SITE TO SITE VPN Issues

    Well, have you thought about something called routing?
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"


    • #3
      Re: L2TP/IPSEC SITE TO SITE VPN Issues

      I put static routes in the VPN configuration. I know it has to do with routing. Anything going to 192.168.1.0 goes through the vpn interface, and the same for the other server: 192.168.2.0 goes through the vpn1 interface. The interfaces are the point-to-point connections.


      • #4
        Re: L2TP/IPSEC SITE TO SITE VPN Issues

        Here's my take (and I'm not a routing expert): You are using a /24 (255.255.255.0) subnet mask on each network. Therefore local hosts will never "look" to the gateway, VPN, or anything else as they believe that all 192.168.x.x hosts are local and therefore the traffic doesn't need to go to the gateway. Try changing the IP scheme of one of the subnets.

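The on-link versus gateway decision this thread turns on, traced hop by hop for the 192.168.1.0/24 and 192.168.2.0/24 networks, as an added example that is not part of any post. The node names, the destination host 192.168.2.10, and every route table entry are constructed assumptions, including the hypothetical router entry that points the remote subnet at the VPN server.

```python
import ipaddress

def lookup(dest, table):
    """Longest-prefix match; table is a list of (prefix, next_hop) pairs."""
    addr = ipaddress.ip_address(dest)
    matches = [(ipaddress.ip_network(p), hop) for p, hop in table
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def trace(dest, tables, start, max_hops=8):
    """Follow next hops from node to node and return the path taken."""
    path, node = [start], start
    while node in tables and len(path) <= max_hops:
        node = lookup(dest, tables[node]) or "no-route"
        path.append(node)
    return path

# Constructed tables. "on-link" = deliver directly on the LAN (ARP),
# "tunnel" = the demand-dial interface, "internet" = the router's WAN side.
LAN, REMOTE = "192.168.1.0/24", "192.168.2.0/24"
BASE = {
    "pc":     [(LAN, "on-link"), ("0.0.0.0/0", "router")],
    "router": [(LAN, "on-link"), ("0.0.0.0/0", "internet")],
    "vpn":    [(LAN, "on-link"), (REMOTE, "tunnel"), ("0.0.0.0/0", "router")],
}

def scenarios(dest="192.168.2.10"):
    # Same LAN, but the PC is given a /16 mask instead of /24.
    wide = dict(BASE, pc=[("192.168.0.0/16", "on-link"), ("0.0.0.0/0", "router")])
    # Hypothetical: the LAN router is told the remote subnet lives behind the VPN server.
    routed = dict(BASE, router=BASE["router"] + [(REMOTE, "vpn")])
    return {
        "pc with /24 mask": trace(dest, BASE, "pc"),
        "pc with /16 mask": trace(dest, wide, "pc"),
        "vpn server itself": trace(dest, BASE, "vpn"),
        "router has route to vpn": trace(dest, routed, "pc"),
    }

if __name__ == "__main__":
    for name, path in scenarios().items():
        print(f"{name:26} {' -> '.join(path)}")
```
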