VPN between TMG2010 and RRAS: cannot ping machines in both internal networks
-
Saturday, March 31, 2012 8:57 PMHi,I am trying to configure a site-to-site VPN between TMG 2010 (Local, ext. 193.205.129.35) and Windows Server 2008 R2 RRAS (Remote, ext. 143.28.73.218) //both IPs are fake for just an example.
The internal network protected by TMG is defined as following:
- Internal [network] object is defined as a scope of 192.168.112.1 - 192.168.112.240
- The scope of 192.168.112.241 - 192.168.112.254 is reserved for a client-to-site VPN which works perfectly.
At the other side there is a RRAS with the defined internal network 192.168.111.1 - 192.168.111.254.
I created a site-to-site VPN between two external interfaces as suggested by TMG/RRAS guidelines and now I am trying to ping/tracert internal machines in both networks. However all attempts in either way fail with "Request timed out". I assume the packet might even reach the destination but doesn't know the route back. I have no clue what (static?) routes I shall define on both VPN servers to make packets return.Please help
Thanks- Edited by Vsevolod Ukrainsky Saturday, March 31, 2012 8:58 PM formatting
All Replies
-
Monday, April 02, 2012 6:44 AMModerator
Hi,
Thank you for the post.
Please ensure that you add the VPN tunnel endpoint address when you define the remote VPN site on each side of the tunnel.
http://technet.microsoft.com/en-us/library/bb794765.aspx
Regards,
Nick Gu - MSFT
- Proposed As Answer by Nick Gu - MSFTMicrosoft Contingent Staff, Moderator Thursday, April 05, 2012 4:02 AM
- Marked As Answer by Nick Gu - MSFTMicrosoft Contingent Staff, Moderator Friday, April 06, 2012 6:30 AM
.png)
