G
Guest
Hi !
I am about to change public IP address range, since the old range is too small. We use a VPN gateway as a firewall/IPsec terminator on the internet connection of the Win 2000 Server. To be able to migrate one VPN partner/customer at a time, I have invested in a secondary VPN gateway, and have given it new the IP addresses. It is physically connected to the same network as the old VPN gateway.
I added a secondary IP address to the NIC on the server, and I can contact the new VPN gateway from the server and vice versa.
The traffic through the VPN tunnel (outgoing) runs in the tunnel, and also if sending in the other direction, but something is wrong with the routing. I have added a static route of the destination network via the new VPN gateway.
The problem seems to be that Windows does not use the secondary IP address as source address in the TCP packets (I cannot prove that), and when it arrives at the far end VPN gateway, it is not accepted.
Does anyone have any clue about how I can change this behaviour, or is it is another problem...
If not, I have to buy a second NIC to plug the new VPN gw into.
Kind regards.
/ Inge
I am about to change public IP address range, since the old range is too small. We use a VPN gateway as a firewall/IPsec terminator on the internet connection of the Win 2000 Server. To be able to migrate one VPN partner/customer at a time, I have invested in a secondary VPN gateway, and have given it new the IP addresses. It is physically connected to the same network as the old VPN gateway.
I added a secondary IP address to the NIC on the server, and I can contact the new VPN gateway from the server and vice versa.
The traffic through the VPN tunnel (outgoing) runs in the tunnel, and also if sending in the other direction, but something is wrong with the routing. I have added a static route of the destination network via the new VPN gateway.
The problem seems to be that Windows does not use the secondary IP address as source address in the TCP packets (I cannot prove that), and when it arrives at the far end VPN gateway, it is not accepted.
Does anyone have any clue about how I can change this behaviour, or is it is another problem...
If not, I have to buy a second NIC to plug the new VPN gw into.
Kind regards.
/ Inge