VPN between TMG2010 and RRAS: cannot ping machines in both internal networks


  • Hi,
    I am trying to configure a site-to-site VPN between TMG 2010 (Local, ext. and Windows Server 2008 R2 RRAS (Remote, ext. //both IPs are fake for just an example.

    The internal network protected by TMG is defined as follows:
    • Internal [network] object is defined as a scope of -
    • The scope of - is reserved for a client-to-site VPN which works perfectly.

    At the other side there is a RRAS with the defined internal network -

    I created a site-to-site VPN between the two external interfaces as suggested by TMG/RRAS guidelines and now I am trying to ping/tracert internal machines in both networks. However, all attempts in either direction fail with "Request timed out". I assume the packet might even reach the destination but doesn't know the route back. I have no clue what (static?) routes I shall define on both VPN servers to make packets return.

    Please help

    Saturday, March 31, 2012 8:57 PM