+ Post New Thread
Results 1 to 5 of 5
Wired Networks Thread, Site to site VPN routing issue. in Technical; ...
  1. #1

    Join Date
    May 2012
    Location
    South West
    Posts
    11
    Thank Post
    5
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Site to site VPN routing issue.

    Dear all,

    I'm having some trouble setting up a site to site link between two schools and would be very grateful for any pointers as I'm a bit stuck.

    SETUP: Firstly, both sites are on SWGFL and we've had the required ipsec ports opened at both ends. Cisco routers at both ends are managed by SWGFL.
    We also have a pair of Cisco SA540 security appliances which have now been configured as a site to site link, this is up and running (states connection established at both ends).
    Multiple 2008 R2 Servers run as DCís at both sites (DHCP/DNSÖ) currently RRAS isnít running on any of the DCís.
    QUESTION: How would I go about routing the correct traffic though the VPN so I can setup one site as a child domain? Am I correct in assuming adding a static route on the DCs could be the answer? My other thought at the moment is to put a change request in to SWGFL (ISP) and get them to add a new route in to both routers, Iím a bit lost on this one though.

    Any help would be most appreciated.

    Thanks in advance,

    Dave

  2. #2

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    If there is a VPN, then there should be no need for SWGFL to make any changes to routers.

    Site A, put a static route for site B's IP Range on the servers of site A. Static Route should be the site A VPN device
    Site B, put a static route for site A's IP Range on the servers of site B. Static Route should be the site B VPN device

    That should sort it in a crude way.

  3. Thanks to twin--turbo from:

    pirran (8th October 2012)

  4. #3

    Join Date
    May 2012
    Location
    South West
    Posts
    11
    Thank Post
    5
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    thanks for the help.

    To confirm, on the DCs (or just DC with DNS server?) I'm adding a static route via CMD with -p to add to registry?

    This will add a route, so send data destined for the remote ip range to the LAN address of the local VPN device. This in turn will pass only the traffic destined for the remote site over the VPN tunnel ?

    yet again, thank you for getting back to my question so quickly. I've only just started working for a school so edugeek is new to me!

  5. #4

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    any server that needs to talk to the other side needs the route

    and yes you need the -p to make it a persistent route.

  6. Thanks to twin--turbo from:

    pirran (8th October 2012)

  7. #5

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,592
    Thank Post
    109
    Thanked 769 Times in 598 Posts
    Rep Power
    181
    You also want to make sure that you sort out your AD Sites & Services so that it is aware of the subnets and what should be replicating where. Unless there is a specific need for a child domain or the link is really slow I would consider keeping just one domain.

  8. Thanks to Ric_ from:

    pirran (8th October 2012)

SHARE:
+ Post New Thread

Similar Threads

  1. Site to Site Leased Line
    By TronXP in forum Wireless Networks
    Replies: 7
    Last Post: 20th November 2009, 10:13 AM
  2. Migrating a 1.0 site to 1.5
    By SimpleSi in forum EduGeek Joomla 1.5 Package
    Replies: 5
    Last Post: 25th May 2008, 01:19 PM
  3. Best Site to learn php and mysql?
    By My220x in forum Coding
    Replies: 11
    Last Post: 23rd April 2008, 08:58 AM
  4. Online Messanger site to block
    By here_hare_here in forum Network and Classroom Management
    Replies: 1
    Last Post: 21st February 2007, 09:27 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •