Need help with a LAN to LAN VPN please.

  • Thread starter Thread starter Nate
  • Start date Start date
N

Nate

Hello all.

I have 2 LAN's that are connected over the Internet via a VPN from a Windows
2000 Server box configured as an Internet gateway, to a Windows 2000 Server
box configured as an Internet gateway. Both LAN's have Internet access, so
NAT routing is working properly on both networks. So connectivity to the
Internet shouldn't be a problem.

Here is the problem. LAN A gateway can access all hosts on LAN B, LAN B
gateway can access all hosts on LAN A, but LAN A hosts behind the LAN A
gateway cannot access LAN B hosts behind the LAN B gateway and vice versa.
How do I configure these networks so that all hosts on both LAN's can
properly route to each other over the VPN?

Thanks for any help,
Nate Watts
 
There are really only two things that are essential. The RRAS router
should be the default gateway for the LAN clients. This is probably OK if
they can access the Internet through the router.

The other essential is that each router has a route to the "other"
private subnet through the tunnel. This is usually done by setting up static
routes linked to demand-dial interfaces. If you have already set up these
routes linked to the dd interfaces, check that both dd interfaces bind to
the connection (check that they both change to "connected" status) and that
the subnet routes through the tunnel are actually added to the routing table
(by doing a route print after connection of the VPN link).
 
Thanks for the help Bill.

I guess I don't understand what your talking about with using a demand dial
interface, or why it is necessary. Both gateway's can reach all hosts on
both networks. So their routing tables have a route in them that should
work right? I don't understand why the gateway's can't seem to route
packets that originated behind them on the networks. Could you please
explain in further detail?

Thank you,
Nate Watts
 
Here is the problem. LAN A gateway can access all hosts on LAN B, LAN
B gateway can access all hosts on LAN A, but LAN A hosts behind the
LAN A gateway cannot access LAN B hosts behind the LAN B gateway and
vice versa. How do I configure these networks so that all hosts on
both LAN's can properly route to each other over the VPN?
Click to expand...

what is 'access' ? can you ping ? If both LAN's hosts have their gateway as
default gateway configured, this should be enough. maybe you should post
the IP's here to clarify ...
 
To route between the subnets behind the RRAS routers, you must use a
router to router VPN connection. Search the help files for router to router.
Heaps more info on the Microsoft W2k Server site.
 
Back
Top