LinkSys and W2003S IPsec tunnel

  • Thread starter: Tony Lokeng

Tony Lokeng

Hello anyone :-)
I have struggled with setting up a VPN tunnel from my
LinkSys BEFSX41 and my Windows 2003 Server using
PreShared Key.
Finally I got my tunnel up (by not using NAT on the
Internet interface of the server).
I now have contact with, and can use rdp on the server
from my client behind the LinkSys.
I can ping the internal NIC on my server from the client,
but I can't ping my client from the server, nor the
internal interface on the LinkSys.
I have set a static route in RRAS, pointing the client's
net to the right gateway (ref. Q816514).

Can anyone come up with a good tip? The network solution is
due for delivery on Monday...

Best regards
Tony Løkeng
MCSE
 
And some configuration details may be helpful =)

NetA: 192.168.230.0/24
NetB: 192.168.231.0/24
Server on SiteA:
int-ip: 192.168.230.1
ext-ip: 195.18.180.203
Linksys on SiteB:
int-ip: 192.168.231.1
ext-ip: 195.18.180.188

LinkSys VPN:
Local Secure group: 192.168.231.0/24
Remote Secure Group: 192.168.230.0/24
Remote Secure Gateway: 195.18.180.203

Server IPsecPolicy:
Followed the Q816514 in MS KB, using the above IPs

When connecting from the LinkSys, the tunnel gets up and
running without problems (but still no ping from the
server, grrrmmllrr)
 
Better still, I placed a laptop on NetA, using the server's
int-ip as gateway, and tried to ping the print server on
NetB.
Success!
This means that the tunnel is working, and routes traffic
from NetA to NetB as planned.
But the print server's IP is still not available from the
server itself, and it has to be.

Is this because traffic from the server itself to NetB
has the server's ext-ip as source, and thereby is not captured
by the IPsec filter (destination/source which are NetA
and NetB's internal networks)?
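
Added example (not part of the original posts): a small Python model of the subnet-to-subnet tunnel filters described above, showing which source/destination pairs the policy selects. The laptop and print server host addresses are constructed, and modelling the policy as one unmirrored filter per direction is an assumption.

```python
import ipaddress
from dataclasses import dataclass

# Addresses taken from the thread.
NET_A = ipaddress.ip_network("192.168.230.0/24")
NET_B = ipaddress.ip_network("192.168.231.0/24")
SERVER_INT = ipaddress.ip_address("192.168.230.1")
SERVER_EXT = ipaddress.ip_address("195.18.180.203")
LINKSYS_INT = ipaddress.ip_address("192.168.231.1")

# Constructed host addresses (the thread does not give them).
LAPTOP_A = ipaddress.ip_address("192.168.230.20")
PRINTSERVER_B = ipaddress.ip_address("192.168.231.50")


@dataclass(frozen=True)
class TunnelFilter:
    """One direction of a tunnel-mode IPsec filter (subnet to subnet)."""
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network

    def matches(self, src_ip, dst_ip):
        return src_ip in self.src and dst_ip in self.dst


# Assumption: one filter per direction, neither of them mirrored.
A_TO_B = TunnelFilter(NET_A, NET_B)
B_TO_A = TunnelFilter(NET_B, NET_A)


def classify(src_ip, dst_ip):
    """Name the filter that selects this packet, or report no match."""
    if A_TO_B.matches(src_ip, dst_ip):
        return "tunnel A->B"
    if B_TO_A.matches(src_ip, dst_ip):
        return "tunnel B->A"
    return "no filter match"


if __name__ == "__main__":
    flows = [
        ("laptop -> print server", LAPTOP_A, PRINTSERVER_B),
        ("server int-ip -> print server", SERVER_INT, PRINTSERVER_B),
        ("server ext-ip -> print server", SERVER_EXT, PRINTSERVER_B),
        ("server ext-ip -> LinkSys int-ip", SERVER_EXT, LINKSYS_INT),
        ("print server -> server int-ip", PRINTSERVER_B, SERVER_INT),
    ]
    for label, src, dst in flows:
        print(f"{label:34} {src} -> {dst}: {classify(src, dst)}")
```

A flow reported as "no filter match" is not selected by the policy, so it is not encapsulated in the tunnel.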
 
Site-to-Site VPN solves this kind of scenario. You might want to visit:
http://www.microsoft.com/windows2000/server/evaluation/features/deplyr2rvpn.asp


--
Regards,
Rama Krishna Prasad[MS]

--
This posting is provided "AS IS" with no warranties, and confers no rights.
