Need help with a LAN to LAN VPN please.

N

Nate

Hello all.

I have 2 LAN's that are connected over the Internet via a VPN from a Windows
2000 Server box configured as an Internet gateway, to a Windows 2000 Server
box configured as an Internet gateway. Both LAN's have Internet access, so
NAT routing is working properly on both networks. So connectivity to the
Internet shouldn't be a problem.

Here is the problem. LAN A gateway can access all hosts on LAN B, LAN B
gateway can access all hosts on LAN A, but LAN A hosts behind the LAN A
gateway cannot access LAN B hosts behind the LAN B gateway and vice versa.
How do I configure these networks so that all hosts on both LAN's can
properly route to each other over the VPN?

Thanks for any help,
Nate Watts
 
B

Bill Grant

There are really only two things that are essential. The RRAS router
should be the default gateway for the LAN clients. This is probably OK if
they can access the Internet through the router.

The other essential is that each router has a route to the "other"
private subnet through the tunnel. This is usually done by setting up static
routes linked to demand-dial interfaces. If you have already set up these
routes linked to the dd interfaces, check that both dd interfaces bind to
the connection (check that they both change to "connected" status) and that
the subnet routes through the tunnel are actually added to the routing table
(by doing a route print after connection of the VPN link).
 
N

Nate

Thanks for the help Bill.

I guess I don't understand what your talking about with using a demand dial
interface, or why it is necessary. Both gateway's can reach all hosts on
both networks. So their routing tables have a route in them that should
work right? I don't understand why the gateway's can't seem to route
packets that originated behind them on the networks. Could you please
explain in further detail?

Thank you,
Nate Watts
 
C

Christian Krackowizer

Here is the problem. LAN A gateway can access all hosts on LAN B, LAN
B gateway can access all hosts on LAN A, but LAN A hosts behind the
LAN A gateway cannot access LAN B hosts behind the LAN B gateway and
vice versa. How do I configure these networks so that all hosts on
both LAN's can properly route to each other over the VPN?
Click to expand...

what is 'access' ? can you ping ? If both LAN's hosts have their gateway as
default gateway configured, this should be enough. maybe you should post
the IP's here to clarify ...
 
B

Bill Grant

To route between the subnets behind the RRAS routers, you must use a
router to router VPN connection. Search the help files for router to router.
Heaps more info on the Microsoft W2k Server site.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

ATTN: network guru's, I need your help with a VPN please. 1
Basic Local LAN to LAN routing 1
Routing problem on Microsoft RAS VPN 0
Routing over VPN and LAN 0
Win 2003 VPN: Cannot reach LAN 9
can't connect from LAN to vpn server's external address 1
VPN and LAN conflicts 13
VPN Server will not allow information to Pass-through. 4

Top