[isalist] Re: vpn demand dial gw-to-gw routing problem

  • From: "Egyptian Mind" <innocent_angel_eng@xxxxxxxxxxx>
  • To: isalist@xxxxxxxxxxxxx
  • Date: Mon, 26 Jun 2006 08:25:13 -0800

http://www.ISAserver.org -------------------------------------------------------

and can you please check the routing table on the RRAS server in the remote network that it route from internal lan to VPN connection???



 




    Best Regards
   Mohamed Saleh
   
    Senior Network Administrator 
    College of Business Administration, CBA
    Jeddah, Saudi Arabia
    Tel: +966-02-6563199 ext 2521
    Cell: - +966-50-2953591
 
 
!~` Yesterday is a History` ~!
!~` Tomorrow is a Mystery` ~!
!~` Today is a Gift` ~!
!~` So we call it ...............` ~!
!~` Present .......Simple` ~!
 
 
From: "Daniel" <daniel@xxxxxxxxxxxxxxxx>
Reply-To: isalist@xxxxxxxxxxxxx
To: "ISAServerList" <isalist@xxxxxxxxxxxxx>
Subject: [isalist] vpn demand dial gw-to-gw routing problem
Date: Sat, 24 Jun 2006 01:56:14 -0300
>http://www.ISAserver.org
>-------------------------------------------------------
>
>Hi have the same routing problem with all my vpns (I'm using PPTP vpns), seems be a MS RRAS specific problem.
>
>I have 5 dd persistent vpns on My headquarter isa server 2000/w2k, who dials to remote w2k-RRAS servers on
>partners networks. To route between the vpn subnets I have static routes trough the correspondent vpn dd iface
>in each RRAS and on my headquarter ISA/RRAS snap-in.
>
>In headquarter my ISA is the default gateway, but on the remote networks the LAN default gateway is generaly a
>cisco router or other router, not the w2k-RRAS with the vpn dd iface. To have a correct routing plan I need
>only create a route on this non-MS gateways to my headquarter vpn subnet trough the w2k-RRAS LAN iface (who
>have the dd vpn iface), but the routing don't work.
>
>To solve the problem I need to create a local route entry (the same route I have on the LAN non-MS default
>gateway) on each windows station on the remote LAN, so I have access to this machine trough vpn, this prove
>that the routing plan is correct.
>
>The problem seems be that default remote LAN gateway is a non-MS box, but in TCP/IP routing concepts this have
>no sens. Seems that packets routed trough a non-MS box are rejected by the w2K-RRAS server (who have the dd
>vpn iface) if they are destinated to the vpn.
>
>Someone can help me?
>
>thanks,
>
>Daniel
>
>
>
>------------------------------------------------------
>List Archives: //www.freelists.org/archives/isalist/
>ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
>ISA Server Blogs: http://blogs.isaserver.org/
>------------------------------------------------------
>Visit TechGenix.com for more information about our other sites:
>http://www.techgenix.com
>------------------------------------------------------
>To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
>Report abuse to listadmin@xxxxxxxxxxxxx
>
------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 06-2006