SNT Premium Member join:2002-07-17 Satellite Beach, FL |
SNT
Premium Member
2012-Jul-20 2:18 pm
VPNNot sure where this goes....
Anyway, I have a site to site vpn setup which is working fine. Is it possible to client VPN into one side or the other and see both networks?
Thanks |
|
bdnhsv join:2012-01-20 Huntsville, AL |
bdnhsv
Member
2012-Jul-20 2:26 pm
The short answer is probably yes, but I'm guessing you want some help designing it and figuring out how to accomplish it. For that, you'll need to supply information and diagrams about your current set up and what exactly you wish to accomplish. |
|
SNT Premium Member join:2002-07-17 Satellite Beach, FL 1 edit |
SNT
Premium Member
2012-Jul-20 2:46 pm
Yeah, It was a generic question, but I cannot figure it out. I currently have two RV082s connected site to site. Everything behind these two can see all hosts on both networks, so this works fine When I PPTP into one of the RV082s, I can only "see" that one side, I cannot see the other side of the site-to-site. I also have two Sophos UTM120s connected site-to-site. I have the same issue with these when I client VPN into one of these boxes. Being that I have the same issue with various equipment, my inquiry was more generic. I wasn't if what I wanted to do was possible. I come up with a diagram if it helps....I need to do it anyway. EDIT: This is essentially the same..
I would like to client vpn into either side and see the hosts on both.
|
|
bdnhsv join:2012-01-20 Huntsville, AL |
bdnhsv
Member
2012-Jul-20 2:59 pm
I'd still suggest a diagram showing the connectivity of the devices including your internal IP addressing schemes. Later there may be questions that users will have as to current configurations of the devices, but I'd start with the current diagram and show where you want the other connections to be established. |
|
bdnhsv |
to SNT
I can't offer you a specific answer to a general question. Maybe someone else on here can. |
|
SNT Premium Member join:2002-07-17 Satellite Beach, FL |
SNT
Premium Member
2012-Jul-20 3:03 pm
said by bdnhsv:I can't offer you a specific answer to a general question. Maybe someone else on here can. I only asked if it was possible. I have not yet asked how to do it. |
|
bdnhsv join:2012-01-20 Huntsville, AL |
bdnhsv
Member
2012-Jul-20 3:04 pm
Yes - it's possible. |
|
|
to SNT
Not only is it possible, I can't even understand what would be the usefulness of cross-site VPNs that could only access the VPN server itself. I guess ppl do it on occasion, but 99% of ppl would be expecting whole network access. Typically your VPN server will have an option to either allow or deny it. I know for my simple tomato VPN client/server, accessing the entire network is a non-issue and works by default. If the OP is having problems, it's probably some option that hasn't been enabled/disabled, or perhaps some firewalls rules that need to be configured. |
|
SNT Premium Member join:2002-07-17 Satellite Beach, FL |
SNT
Premium Member
2012-Jul-20 3:30 pm
I agree with everything you said. I will find what I am missing. |
|
jimbopalmerTsar of all the Rushers join:2008-06-02 Greenwood, MS 1 edit |
to SNT
If they are the older RV082, when you configure the VPN, use a Netmask of 255.255.0.0 on the 'remote' RV, the RV will complain, but allow this. (No idea if the newer ones allow this) With a netmask of 255.255.0.0, your client will route ALL nonlocal 192.168 traffic to the VPN. With a netmask of 255.255.0 the 'central' RV will route traffic for the remote subnet , to the remote RV. The remote RV, with a netmask of 255.255.0.0 send all nonlocal 192.168 to the central RV and it will use a netmask of 255.255.255.0 to route it back to your client. (I assume your client is on a different 192.168 network than either site) Hope that helps. (I have only tried this with all RV routers) |
|
|
to SNT
said by SNT:I have a site to site vpn setup which is working fine. Is it possible to client VPN into one side or the other and see both networks? Short answer : yes Long answer : why would you want to? Or is it a case of management saying "yours is not to question why, yours is to GET IT TO WORK!" Regards |
|
SNT Premium Member join:2002-07-17 Satellite Beach, FL |
SNT
Premium Member
2012-Jul-23 8:42 am
said by HELLFIRE
Long answer : why would you want to? [/BQUOTE :I do not see why not. There are servers on both ends that the EUs need access to. |
|
|