VPN between TMG2010 and RRAS: cannot ping machines in both internal networks

    Question

  • Hi,
    I am trying to configure a site-to-site VPN between TMG 2010 (Local, ext. 193.205.129.35) and Windows Server 2008 R2 RRAS (Remote, ext. 143.28.73.218). Both IPs are fake, just for an example.

    The internal network protected by TMG is defined as follows:
    • Internal [network] object is defined as a scope of 192.168.112.1 - 192.168.112.240
    • The scope of 192.168.112.241 - 192.168.112.254 is reserved for a client-to-site VPN which works perfectly.

    At the other side there is an RRAS with the defined internal network 192.168.111.1 - 192.168.111.254.


    I created a site-to-site VPN between the two external interfaces as suggested by TMG/RRAS guidelines and now I am trying to ping/tracert internal machines in both networks. However, all attempts in either direction fail with "Request timed out". I assume the packet might even reach the destination but doesn't know the route back. I have no clue what (static?) routes I shall define on both VPN servers to make packets return.

    Please help
    Thanks

    Saturday, March 31, 2012 8:57 PM

Answers