Question

  Asked: Mar 14 2008   5:08 PM GMT
  Asked by: Rowley613


Multi-Vpn Setup: can access all subnets when in office, while vpn'd can only access local subnet


Cisco, VPN, WAN, Multi Server, PIX, Subnets, Routing, problem, Ping, File servers, print server, LAN, Default route, Static route

I am having troubles with vpn users being able to see other subnets. It is set up as follows

Map

Any computer locally on the domain can see / ping / access any other computer on any subnet / location. When someone vpn's into any of the routers they can only see the local subnet of the router they are vpn'ing into. So if someone vpn's to the LA router, they can't access the Chicago Subnet. I have static routes set up for each router.

ex: La to Chicago
192.168.111.0 255.255.255.0 12.x.x.x

I'm not sure if those are set up correctly.

I'm really confused as to why the traffic through the vpn is confusing the router and only getting to that subnet.

Any help would be greaaaaaaaaaaaatly appreciated.

Thanks


Answer Wiki

You need to tell the routers on each end that the subnet that the VPN traffic is on can traverse the routers. Also check your routes and make sure that the traffic is going through the correct VPN.


Discuss This Answer



Labnuke99  |   Mar 17 2008  3:18PM GMT

There’s a couple of possibilities here. One is that using VPN permits only access to the local LAN on that device. This means that “split tunnelling” is not enabled. Split tunnelling provides the capability of accessing devices on the user’s local LAN as well as other remote devices that they are normally able to reach.

The other issue is like what Mrdenny says. It could be a routing issue where the remote router does not know a route back to the networks in question. You may be trying to reach a network from a different source address than is permitted to route to it. Your source address may be masked when you VPN to the remote device.

I’m not sure we have enough information to really help solve this problem.
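
Added example, not part of the original thread: a small route-table model of the "no route back" case raised above, showing why a LAN host gets a reply from Chicago while a VPN client entering at LA does not. Only 192.168.111.0/24 comes from the question; the LA LAN (192.168.110.0/24), the VPN client pool (10.99.0.0/24) and the router names are assumptions, and the model covers routing only, not NAT or tunnel policy.

```python
import ipaddress

# Constructed topology. Only 192.168.111.0/24 (Chicago) is from the question;
# the LA LAN, the VPN client pool and the router names are assumptions.
ROUTES = {
    "LA": {
        "192.168.110.0/24": "local",  # assumed LA LAN
        "10.99.0.0/24": "local",      # assumed VPN pool, terminated on LA
        "192.168.111.0/24": "CHI",    # static route toward Chicago
    },
    "CHI": {
        "192.168.111.0/24": "local",
        "192.168.110.0/24": "LA",
        # no entry for 10.99.0.0/24, so replies to VPN clients are unroutable
    },
}

def next_hop(routes, router, dst):
    """Longest-prefix match: 'local', a neighbour router name, or None."""
    addr, best = ipaddress.ip_address(dst), None
    for prefix, hop in routes[router].items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return best[1] if best else None

def trace(routes, start, dst, max_hops=8):
    """Follow routes from start toward dst; return (delivered, path)."""
    path = [start]
    for _ in range(max_hops):
        hop = next_hop(routes, path[-1], dst)
        if hop is None:
            return False, path          # no route: packet dropped here
        if hop == "local":
            return True, path
        path.append(hop)
    return False, path                  # routing loop

def round_trip(routes, entry, src, dst):
    """Check the request entering at `entry`, then the reply back to src."""
    ok, fwd = trace(routes, entry, dst)
    if not ok:
        return "request dropped at " + fwd[-1]
    ok, rev = trace(routes, fwd[-1], src)
    return "ok" if ok else "reply dropped at " + rev[-1]

if __name__ == "__main__":
    print(round_trip(ROUTES, "LA", "192.168.110.5", "192.168.111.20"))
    print(round_trip(ROUTES, "LA", "10.99.0.5", "192.168.111.20"))
```

Adding a route for the VPN pool on the remote router (here, `10.99.0.0/24` via `LA` in the `CHI` table) makes the second check return `ok`.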