At our main office we have the Draytek 2820 router and then 4 remote sites all connect in via VPN Functionailty with Netgear DG834s, data flows fine from remote site to main office but the remote sites cannot connect to another remote site. The main problem is we have a VOIP system at the main site and the remote sites have phones, they can call the main office fine but when calling a remote site they can not hear each other, any suggestions,

Thanks in advance

Just a guess here.

Remote site A needs to tell it's clients how to pass traffic to remote Site B (I.E. pass it up the VPN to head office)

Add "static route"s to the remote site routers with the details of the OTHER remote sites so that traffic gets routed properly.

Without knowing if your VPN router is also the dhcp server for the network or what kind of VPN you are using its hard to write a quick answer but look in that area.

Hi StuC,

Have tried putting a static route in the netgears but it does not allow it, not sure if im puttin it in right! Here is the setup:

Remote Site A IP Range: 192.168.11.0 255.255.255.0
Remote Site B IP Range: 192.168.0.0 255.255.255.0
Head Office IP Range: 192.168.10.0 255.255.255.0

All sites have servers doing the DHCP'in

Basically you need to get the route info in to the end clients path

Try adding a static route to the servers.

Not sure if you are using MS servers if not just google "adding static routes server type"
MS quick Google found this - I've not tried it but it looks plausible.

http://www.ehow.com/how_4528168_static-ip-routing-windows-server.html

Thanks but the static route will need to be in the routers I would of though as its them thats doing the IP routing for the VPN. But for some reason it wont accept what I put in says 'Some settings are wrong, please double check it! ' this is what I have put:

Destination IP Address: 192.168.2.0
IP Subnet Mask: 255.255.255.0
Gateway IP Address: 192.168.10.254 (Draytek 2820 Router at main site)
Metric: 3 (or 2 or any number does not work)

Also tried the route add command on windows just to see if one client will work used this:
route add 192.168.2.0 mask 255.255.255.0 192.168.10.254

but it just times out when I ping a 192.168.2.0 address?

The static route has to define a gateway on the SAME private address range so you can try adding your router lan address.

I can't help feeling we are missing something here that is probably in the manual for VPN setup between multiple sites.

From a windows box try "tracert 192.168.2.1" or some address on the 192.168.2.0 lan to see how far the packets get.

You need to get them past the server and to the router. the reason I said try adding to the server is that the server is the DHCP server so it should be able to pass routing details to clients.

The ping will not work until both ends are sorted of course.
With just one end sorted the packet may get there but be unroutable for return.

Last thing to think about is firewalls, the main router needs to allow traffic Site A - Site B

What I would do is manually add a temporary static route to a PC at Site A AND Site B specify the gateway as the main site router.

Then run pings and tracert to see where traffic goes, it it gets to the main site router and no further then look at firewalls.
If that works you then need to work out how to add that route by dhcp or if it is just a couple of PC's you could do it manually but I'm sure that is bad practice.