Saturday, March 31, 2012 8:57 PMHi,I am trying to configure a site-to-site VPN between TMG 2010 (Local, ext. 188.8.131.52) and Windows Server 2008 R2 RRAS (Remote, ext. 184.108.40.206) //both IPs are fake for just an example.
The internal network protected by TMG is defined as following:
- Internal [network] object is defined as a scope of 192.168.112.1 - 192.168.112.240
- The scope of 192.168.112.241 - 192.168.112.254 is reserved for a client-to-site VPN which works perfectly.
At the other side there is a RRAS with the defined internal network 192.168.111.1 - 192.168.111.254.
I created a site-to-site VPN between two external interfaces as suggested by TMG/RRAS guidelines and now I am trying to ping/tracert internal machines in both networks. However all attempts in either way fail with "Request timed out". I assume the packet might even reach the destination but doesn't know the route back. I have no clue what (static?) routes I shall define on both VPN servers to make packets return.
- Edited by Vsevolod Ukrainsky Saturday, March 31, 2012 8:58 PM formatting
Monday, April 02, 2012 6:44 AMModerator
Thank you for the post.
Please ensure that you add the VPN tunnel endpoint address when you define the remote VPN site on each side of the tunnel.
Nick Gu - MSFT
- Proposed As Answer by Nick Gu - MSFTMicrosoft Contingent Staff, Moderator Thursday, April 05, 2012 4:02 AM
- Marked As Answer by Nick Gu - MSFTMicrosoft Contingent Staff, Moderator Friday, April 06, 2012 6:30 AM