This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Use a station as a router

Hi,
I'm new in the VPN technology and i'm really lost about some features [:(]

We need to make a demonstration to one of our customer.

For this, we need a tunnel between our datacenter and the customer.

I have successfully configured a VPN SSL remote access on my laptop.
My laptop ping the remote network.

I have enable routing on this laptop.

I configure a thin client with this laptop as a gateway.
I can ping the Astaro virtual interface, but i can't reach the remote vlan.
I have created FW rule that allow any network, any services to access any network.

Maybee i forgot to configure something ?

A little help will be very apprecied.
Thanks.

Configuration :
Laptop (Routing enabled)
192.168.0.100
255.255.255.0
GW : 192.168.0.254
this laptop is connected to the remote network with the VPN SSL remote access.

Thin client
192.168.0.101
255.255.255.0
GW : 192.168.0.100

This thread was automatically locked due to age.

Parents

0 BAlfson over 14 years ago

I guess you will need a static gateway route in the Astaro to allow return traffic to go back through the tunnel: '192.168.0.0 -> 172.16.16.6'.  If that isn't enough...

From the laptop, if you can't reach the 172.16.1.0/27 network, please show the output from route print on the laptop.  Also, what version of Windows?

Please show a pic of the 'Remote access settings' from the 'Global' tab.  Do you see any relaed traffic blocked in the packet filter?

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

0 Miracle over 14 years ago in reply to BAlfson

Hi, here the route print from the "Laptop" (a vm actually) that was connected via remote vpn ssl

====================================================

=======================

Liste d'Interfaces

0x1 ........................... MS TCP Loopback interface

0x2 ...00 0c 29 cf e7 79 ...... VMware Accelerated AMD PCNet Adapter - Miniport d'ordonnancement de paquets

0x3 ...00 ff 3c 25 4d 7c ...... Astaro SSL VPN Adapter - Miniport d'ordonnancement de paquets

===========================================================================

===========================================================================

Itin‚raires actifsÿ:

Destination r‚seau    Masque r‚seau  Adr. passerelle   Adr. interface M‚trique

          0.0.0.0          0.0.0.0    192.168.0.254   192.168.0.107	  10

        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1	  1

       172.16.1.0  255.255.255.224      172.16.16.5     172.16.16.6	  1

      172.16.16.1  255.255.255.255      172.16.16.5     172.16.16.6	  1

      172.16.16.4  255.255.255.252      172.16.16.6     172.16.16.6	  1

      172.16.16.6  255.255.255.255        127.0.0.1       127.0.0.1	  1

   172.16.255.255  255.255.255.255      172.16.16.6     172.16.16.6	  1

      192.168.0.0    255.255.255.0    192.168.0.107   192.168.0.107	  10

    192.168.0.107  255.255.255.255        127.0.0.1       127.0.0.1	  10

    192.168.0.255  255.255.255.255    192.168.0.107   192.168.0.107	  10

        224.0.0.0        240.0.0.0      172.16.16.6     172.16.16.6	  1

        224.0.0.0        240.0.0.0    192.168.0.107   192.168.0.107	  10

  255.255.255.255  255.255.255.255      172.16.16.6     172.16.16.6	  1

  255.255.255.255  255.255.255.255    192.168.0.107   192.168.0.107	  1

Passerelle par d‚fautÿ:     192.168.0.254

===========================================================================

Itin‚raires persistantsÿ:

  Aucun

Picture of the vpn configuration will not give you valuable information.
I juste create a rule that give access to a AD group object to the target vlan object.
The autopacket filtering option is not checked but a firewall rule with any to any (any services) is created.

The VPN work correctly, the machine is connected to the distant VLAN.
The thing i can't make it work is to use this computer as a gateway for other computers.

Hope this will help you to understand my pb.

Reply

0 Miracle over 14 years ago in reply to BAlfson

Hi, here the route print from the "Laptop" (a vm actually) that was connected via remote vpn ssl

====================================================

=======================

Liste d'Interfaces

0x1 ........................... MS TCP Loopback interface

0x2 ...00 0c 29 cf e7 79 ...... VMware Accelerated AMD PCNet Adapter - Miniport d'ordonnancement de paquets

0x3 ...00 ff 3c 25 4d 7c ...... Astaro SSL VPN Adapter - Miniport d'ordonnancement de paquets

===========================================================================

===========================================================================

Itin‚raires actifsÿ:

Destination r‚seau    Masque r‚seau  Adr. passerelle   Adr. interface M‚trique

          0.0.0.0          0.0.0.0    192.168.0.254   192.168.0.107	  10

        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1	  1

       172.16.1.0  255.255.255.224      172.16.16.5     172.16.16.6	  1

      172.16.16.1  255.255.255.255      172.16.16.5     172.16.16.6	  1

      172.16.16.4  255.255.255.252      172.16.16.6     172.16.16.6	  1

      172.16.16.6  255.255.255.255        127.0.0.1       127.0.0.1	  1

   172.16.255.255  255.255.255.255      172.16.16.6     172.16.16.6	  1

      192.168.0.0    255.255.255.0    192.168.0.107   192.168.0.107	  10

    192.168.0.107  255.255.255.255        127.0.0.1       127.0.0.1	  10

    192.168.0.255  255.255.255.255    192.168.0.107   192.168.0.107	  10

        224.0.0.0        240.0.0.0      172.16.16.6     172.16.16.6	  1

        224.0.0.0        240.0.0.0    192.168.0.107   192.168.0.107	  10

  255.255.255.255  255.255.255.255      172.16.16.6     172.16.16.6	  1

  255.255.255.255  255.255.255.255    192.168.0.107   192.168.0.107	  1

Passerelle par d‚fautÿ:     192.168.0.254

===========================================================================

Itin‚raires persistantsÿ:

  Aucun

Children

No Data