Site to site VPN: Connected but won't route


eric

I have a Windows 2003 site-to-site VPN set up in 2 locations:

DC-VPN1---internet----VPN2
17.16.0.x             17.16.9.x

I first joined VPN2 to the domain, then set up the site-to-site PPTP VPN. VPN1
and VPN2 can connect without problem. I have static routes for:
VPN1: 17.16.9.0, 255.255.255.0
VPN2: 17.16.0.0, 255.255.255.0

The problem is that the DC (and any system on the domain side) cannot ping VPN2
by either name or IP address. In DNS, it does have a VPN2 host (A) record
added after VPN2 joined the domain. It seems like the routing is not
working.

Help would be appreciated.
 
Is the VPN router the default gateway for each site? The traffic for the
"other" site can only be routed through the site-to-site link if it actually
gets to the VPN router.

First check the routing table of each VPN router to ensure the route to
the "other" site's subnet is actually active using the tunnel endpoint
address. Then check that the traffic actually gets to the VPN router. Also
note that the routes must be correct on both routers. There must be a route
back for the reply message.
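
The checks from the reply above, modeled as an added example that is not part of the original thread: a ping only works if the request reaches the VPN router and a return route exists. The host addresses, the separate internet router GW1, and the node names are assumptions; the tunnel is modeled as a direct next hop between VPN1 and VPN2.

```python
import ipaddress

def next_hop(routes, dst_ip):
    """Longest-prefix match over (network, next_hop) pairs; None if no route."""
    dst = ipaddress.ip_address(dst_ip)
    hits = [(ipaddress.ip_network(n), hop) for n, hop in routes
            if dst in ipaddress.ip_network(n)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def trace(nodes, src, dst_ip, max_hops=8):
    """Follow next hops from node src until dst_ip is delivered or dropped."""
    path, node = [src], src
    for _ in range(max_hops):
        if dst_ip in nodes[node]["addrs"]:
            return path, True
        hop = next_hop(nodes[node]["routes"], dst_ip)
        if hop == "direct":  # on-link: hand to the node that owns the address
            hop = next((n for n, v in nodes.items() if dst_ip in v["addrs"]), None)
        if hop is None:
            return path, False
        node = hop
        path.append(node)
    return path, False

def ping(nodes, src, src_ip, dst, dst_ip):
    """A ping succeeds only if the request AND the reply can both be routed."""
    out, ok = trace(nodes, src, dst_ip)
    if not ok:
        return False, "request dropped after " + " -> ".join(out)
    back, ok = trace(nodes, dst, src_ip)
    if not ok:
        return False, "reply dropped after " + " -> ".join(back)
    return True, " -> ".join(out) + " | " + " -> ".join(back)

def build(dc_gateway, vpn2_return_route=True):
    """Constructed topology; host addresses and GW1 are assumptions."""
    lan1, lan2 = "17.16.0.0/24", "17.16.9.0/24"
    vpn2 = [(lan2, "direct")] + ([(lan1, "VPN1")] if vpn2_return_route else [])
    return {
        "DC": {"addrs": {"17.16.0.10"}, "routes": [(lan1, "direct"), ("0.0.0.0/0", dc_gateway)]},
        "GW1": {"addrs": {"17.16.0.254"}, "routes": [(lan1, "direct"), ("0.0.0.0/0", "INTERNET")]},
        "INTERNET": {"addrs": set(), "routes": []},  # no path to the remote LAN outside the tunnel
        "VPN1": {"addrs": {"17.16.0.1"}, "routes": [(lan1, "direct"), (lan2, "VPN2")]},  # static route via tunnel
        "VPN2": {"addrs": {"17.16.9.1"}, "routes": vpn2},
    }

if __name__ == "__main__":
    for gw, ret in (("GW1", True), ("VPN1", True), ("VPN1", False)):
        print(gw, ret, ping(build(gw, ret), "DC", "17.16.0.10", "VPN2", "17.16.9.1"))
```

On the real Windows routers, `route print` shows the table each `routes` list stands in for, and `tracert` from the DC shows which gateway the request actually takes.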
 