NAT & VPN on different servers. Site to Site VPN will not route

E

eric

I am trying to setup a site to site VPN for 2 locations using Windows
2003. The setup for site to site VPN was done without problem and
each location can access the other location just like in LAN when I
put NAT and VPN in the same server. The setup is:

client-NAT/VPN server-domain---internet---NAT/VPN server-client


However if I put NAT and VPN on 2 different servers (see below), only
remote site (NAT/VPN same server) can ping/access domain site, but
domain site can not ping remote site.

client-NAT server|__ domain---internet---NAT/VPN server-client
VPN server|

There must be a way to make this to work. Any help is appreciated.
 
B

Bill Grant

Do you have a particular reason to put NAT and VPN on separate routers?
It makes the routing a bit tricky, because only one router can be the
default gateway of the LAN. The best way around your problem (if you really
want to use two routers) is to make the NAT router the default gateway, then
add a static route to it (ie the Internet router) to redirect the traffic
for the subnet across the VPN link to the VPN router.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

VPN NAT Transparency 2
VPN server without domain controller 0
RRAS, NAT & External VPN Problem 3
Certain routers and switches are not accessible through VPN. 0
VPN On W2000 1
Connected to VPN but cannot Ping... 1
Setting up VPN and NAT on the Same W2k Server? 2
Problem with VPN client behind NAT on Win2k Server 3

Top