dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1086
share rss forum feed


SNT
Premium
join:2002-07-17
Satellite Beach, FL

VPN

Not sure where this goes....

Anyway, I have a site to site vpn setup which is working fine. Is it possible to client VPN into one side or the other and see both networks?

Thanks

bdnhsv

join:2012-01-20
Huntsville, AL
The short answer is probably yes, but I'm guessing you want some help designing it and figuring out how to accomplish it. For that, you'll need to supply information and diagrams about your current set up and what exactly you wish to accomplish.


SNT
Premium
join:2002-07-17
Satellite Beach, FL

1 edit
Yeah,
It was a generic question, but I cannot figure it out. I currently have two RV082s connected site to site. Everything behind these two can see all hosts on both networks, so this works fine
When I PPTP into one of the RV082s, I can only "see" that one side, I cannot see the other side of the site-to-site.

I also have two Sophos UTM120s connected site-to-site. I have the same issue with these when I client VPN into one of these boxes.

Being that I have the same issue with various equipment, my inquiry was more generic. I wasn't if what I wanted to do was possible.

I come up with a diagram if it helps....I need to do it anyway.

EDIT:
This is essentially the same..



I would like to client vpn into either side and see the hosts on both.

bdnhsv

join:2012-01-20
Huntsville, AL
I'd still suggest a diagram showing the connectivity of the devices including your internal IP addressing schemes. Later there may be questions that users will have as to current configurations of the devices, but I'd start with the current diagram and show where you want the other connections to be established.

bdnhsv

join:2012-01-20
Huntsville, AL
reply to SNT
I can't offer you a specific answer to a general question. Maybe someone else on here can.


SNT
Premium
join:2002-07-17
Satellite Beach, FL
said by bdnhsv:

I can't offer you a specific answer to a general question. Maybe someone else on here can.

I only asked if it was possible. I have not yet asked how to do it.

bdnhsv

join:2012-01-20
Huntsville, AL
Yes - it's possible.


eibgrad

join:2010-03-15
reply to SNT
Not only is it possible, I can't even understand what would be the usefulness of cross-site VPNs that could only access the VPN server itself. I guess ppl do it on occasion, but 99% of ppl would be expecting whole network access. Typically your VPN server will have an option to either allow or deny it. I know for my simple tomato VPN client/server, accessing the entire network is a non-issue and works by default. If the OP is having problems, it's probably some option that hasn't been enabled/disabled, or perhaps some firewalls rules that need to be configured.


SNT
Premium
join:2002-07-17
Satellite Beach, FL
I agree with everything you said. I will find what I am missing.

jimbopalmer
Tsar of all the Rushers

join:2008-06-02
Greenwood, MS
kudos:3
Reviews:
·Suddenlink

1 edit
reply to SNT
If they are the older RV082, when you configure the VPN, use a Netmask of 255.255.0.0 on the 'remote' RV, the RV will complain, but allow this. (No idea if the newer ones allow this)

With a netmask of 255.255.0.0, your client will route ALL nonlocal 192.168 traffic to the VPN. With a netmask of 255.255.0 the 'central' RV will route traffic for the remote subnet , to the remote RV. The remote RV, with a netmask of 255.255.0.0 send all nonlocal 192.168 to the central RV and it will use a netmask of 255.255.255.0 to route it back to your client. (I assume your client is on a different 192.168 network than either site)

Hope that helps.

(I have only tried this with all RV routers)

--
I tried to remain child-like, all I achieved was childish.

HELLFIRE
Premium
join:2009-11-25
kudos:18
reply to SNT
said by SNT:

I have a site to site vpn setup which is working fine. Is it possible to client VPN into one side or the other and see both networks?

Short answer : yes

Long answer : why would you want to?

Or is it a case of management saying "yours is not to question why, yours is to GET IT TO WORK!"

Regards


SNT
Premium
join:2002-07-17
Satellite Beach, FL
said by HELLFIRE See Profile

Long answer : why would you want to?
[/BQUOTE :

I do not see why not. There are servers on both ends that the EUs need access to.