DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

2 off 2830s lan to lan ipsec vpn, can't ping other network.

30 Aug 2011 23:17 #1 by motorbikes
I have set up the IPsec VPN between the two remote sites and the connection is up, but whilst I was at site B with my laptop connected I was unable to ping the devices at site A.

site A 192.168.30.X
site B 192.168.50.X

Site A has 2 devices connected, 192.168.30.250 and 251. Both respond to pings from site A's router (Diagnostics > Ping Diagnosis), but if I ping from site B's router I get Request timed out!!! However, I can ping the LAN IP address 192.168.30.1 of site A's router from site B's router and it works.

There is nothing connected to site B's router for me to try pinging, but from site A's router I can ping the IP address of site B's router (192.168.50.1) and it works.

TCP/IP Network settings (site A)
My WAN IP 0.0.0.0
Remote Gateway IP 0.0.0.0
Remote Network IP 192.168.50.0
Remote Network Mask 255.255.255.0
Local Network IP 192.168.30.1
Local Network Mask 255.255.255.0

TCP/IP Network settings (site B)
My WAN IP 0.0.0.0
Remote Gateway IP 0.0.0.0
Remote Network IP 192.168.30.0
Remote Network Mask 255.255.255.0
Local Network IP 192.168.50.1
Local Network Mask 255.255.255.0

I am sure that I followed the example on the disk that came with the routers with care, but assume I am missing something. (The only thing that I did differently was to tick the Enable this Profile box, as it is shown unticked in the example.)

Does the fact that the connection is up indicate that everything in dial out and dial in is OK, including the IKE Pre-shared Key?

Can anyone offer advice, please?

31 Aug 2011 08:43 #2 by nealuk
If the connection is up then the Pre-Shared Key and other VPN details are good.

Could you expand the details to include the Local IP of the 2830 at the other end?

e.g.

TCP/IP Network settings (site A)
My WAN IP 0.0.0.0
Remote Gateway IP 192.168.50.1
Remote Network IP 192.168.50.0
Remote Network Mask 255.255.255.0
Local Network IP 192.168.30.1
Local Network Mask 255.255.255.0

TCP/IP Network settings (site B)
My WAN IP 0.0.0.0
Remote Gateway IP 192.168.30.1
Remote Network IP 192.168.30.0
Remote Network Mask 255.255.255.0
Local Network IP 192.168.50.1
Local Network Mask 255.255.255.0

Does this help? Regards, Neal

31 Aug 2011 19:35 #3 by motorbikes
OK, I tried that, then tried to ping 192.168.30.250 from site B's router, but still the same: Request timed out!!!

It does say in the example that I was following that the Remote Gateway IP should be left at 0.0.0.0 though. I'm happy to try anything.

It seems odd to me that according to the guide I should set the Remote Network IP to 192.168.30.0 (ending in a 0), yet the Local Network IP field, which the router filled in itself, ends with a 1, which would be the gateway address of the local network. The router would know this since it is its own address.

I assume that once it is working, the whole range of IP addresses on the other network (the 30 or 50 subnet) should be accessible via the VPN? I did wonder if my problem was that the IP addresses that I am currently testing with are high up in the range, 250 and 251. I have no doubt that it is possible to restrict the addresses that can be accessed on the other network (is this done after pressing the More button in the TCP/IP settings section?), but by default presumably all valid addresses can be accessed?

Thanks Dave

05 Sep 2011 17:23 #4 by lestat79
Hi,

Having this same issue: I can connect to the remote network / PCs from my local network but cannot ping or connect to any from the remote network to my local network.

Did you happen to figure this out in the end?

Thanks,

16 Sep 2011 18:53 #5 by johntankard
Hi Guys,

You have probably done this, but you do know that firewall rules now apply to VPN traffic? I had this across a VPN where the VPN established but I could not access anything. I had to create a firewall rule to allow both subnets full access to each other. I know I could limit it down, but the traffic is clean so I just opened up all ports.

Regards

John

26 Sep 2011 09:31 #6 by frag
Also, look into any AV programs or Windows Firewall. These programs often only allow access to a computer from its own local subnet. Because the VPN remote site is on a different local subnet, these default settings will block any attempt at communication from the remote site.

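The checks discussed across the thread, as an added Python example (not part of any post above and not DrayTek code). It takes the TCP/IP Network Settings quoted in post #1, confirms the two profiles mirror each other, and models the "own local subnet only" host-firewall scope from reply #6. The function names are hypothetical, and the scope check is a simplified assumption about how such a rule behaves.

```python
import ipaddress

def network(ip, mask):
    """Subnet an IP/mask pair belongs to; host bits are ignored, so
    192.168.30.1/255.255.255.0 and 192.168.30.0/255.255.255.0 are equal."""
    return ipaddress.ip_network(f"{ip}/{mask}", strict=False)

# Profile values as posted in the thread (post #1).
SITE_A = {"local": ("192.168.30.1", "255.255.255.0"),
          "remote": ("192.168.50.0", "255.255.255.0")}
SITE_B = {"local": ("192.168.50.1", "255.255.255.0"),
          "remote": ("192.168.30.0", "255.255.255.0")}

def check_pair(a, b):
    """Return a list of mismatches between two LAN-to-LAN profiles."""
    problems = []
    for name, here, there in (("A", a, b), ("B", b, a)):
        remote, peer_lan = network(*here["remote"]), network(*there["local"])
        if remote != peer_lan:
            problems.append(f"site {name}: remote {remote} != peer LAN {peer_lan}")
    if network(*a["local"]).overlaps(network(*b["local"])):
        problems.append("local networks overlap, routing over the tunnel is ambiguous")
    return problems

def covered_by_tunnel(profile, dst):
    """True if dst lies inside the profile's remote network."""
    return ipaddress.ip_address(dst) in network(*profile["remote"])

def passes_local_subnet_scope(host_ip, mask, src):
    """Assumed model of a host firewall rule scoped to the host's own subnet."""
    return ipaddress.ip_address(src) in network(host_ip, mask)

if __name__ == "__main__":
    print("profile mismatches:", check_pair(SITE_A, SITE_B) or "none")
    host = "192.168.30.250"  # one of the site A devices from the thread
    print("tunnel covers", host, ":", covered_by_tunnel(SITE_B, host))
    for src in ("192.168.30.1", "192.168.50.1"):  # site A router, site B router
        ok = passes_local_subnet_scope(host, "255.255.255.0", src)
        print(f"ping from {src} passes local-subnet scope: {ok}")
```

With the posted values the profiles are consistent and .250 is inside the tunnel's remote network, so the remaining suspects are the router firewall rules from reply #5 and the host-firewall scope from reply #6, which under this model would admit the site A router but not the site B router.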