VPN gateway to gateway works in only one way

Discussion in 'Windows Small Business Server' started by Aleksandar, Jan 20, 2008.

  1. Aleksandar

    Aleksandar Guest

    OK here is the setup.

    First server is SBS 2003 Premium, Second is 2003 R2 Standard.
    RRAS is setup on both servers to act as router (two NIC's in each, one for
    local access and one connected to ISP's Cable modem) and remote acces server.
    Both servers configured with Dial on demand interfaces to connect to
    eachother and establish site to site VPN. That works fine (as far as
    connecting and authenticating) both servers connect and take one port and
    neither one detects other as remote access client so that part is OK. BTW it
    is PPTP VPN. The problem is that only one can ping and access other while the
    other cant. Also I noticed that if for example 2K3 R2 initiate connection it
    works fine from 2K3 R2 butt not from SBS and if SBS initiate connection SBS
    can ping 2K3 but 2K3 cant ping SBS. Interfaces are configured as Dial on
    Demand, I tried changing that to persistent but with the same result. On both
    servers static routes are configured correctly and both servers are in
    different IP ranges (one is 192.168.50.x and other is 192.168.60.x). Both
    servers receive IP address from others DHCP pool for DOD interface. Both
    servers are DC's for different domains no trust established between. I also
    tried to name DOD, user and password identicaly on both servers, also same
    result. If users access RRAS on any server using VPN connection from their
    home they have no problem accessing resources on host server. So the only
    problem is I cant make the damn thing work simultaneously as
    gateway-to-gateway link. I checked routing table on both after they establish
    connection and it is fine on both. I even noticed that ping works both way in
    first couple of seconds but when I try it again it works only from server
    that initiated connection first.
    Any help appreciated.
     
    Aleksandar, Jan 20, 2008
    #1
    1. Advertisements

  2. Have run Tracert to each source to see where the connection fails or times
    out?
     
    John Oliver, Jr. [MVP], Jan 20, 2008
    #2
    1. Advertisements

  3. Aleksandar

    Aleksandar Guest

    Hi John,
    from one (that initiated connection) tracert works fine it finds it on first
    hop and displays FQDN of the server. From other I get time outs.
     
    Aleksandar, Jan 21, 2008
    #3
  4. I would post to windows server group regarding your VPN issue. Seems the
    configuration is not setup properly on R2 Server.

    --
    John Oliver, Jr
    MCSE, MCT, CCNA
    Exchange MVP 2008
    Microsoft Certified Partner
     
    John Oliver, Jr. [MVP], Jan 23, 2008
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.