You also have to give the emote hosts a route back to the originating subnet across the VPN tunnel. ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ <http://isaserver.org/Jim_Harrison/> http://isatools.org <http://isatools.org/> Read the help / books / articles! ------------------------------------------------------- ________________________________ From: Paul Crisp [mailto:PCrisp@xxxxxxxxxxxxxxxxx] Sent: Wednesday, April 13, 2005 02:33 To: [ISAserver.org Discussion List] Subject: [isalist] ISA 2004 and Routing http://www.ISAserver.org Wonder if someone can help me. We have a third party who has an IPSEC VPN connection to us and this is working fine. I have a network behind a network scenario and my 'Internal' range includes the local subnet and two other subnets that are also connected. Why can the third party only ping equipment in the local subnet and not the other two subnets? What do I have to do to get this to work? Internally our routing between the subnets is working fine. I have manually added a route -p add to the other two subnets also All help is greatly appreciated Paul Crisp Snr Network Support Analyst ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned.
