Dear All,

I have the following setup and wondered if someone may be able to shed some light on a routing issue I'm having.

The VPN Established ok and I can ping from Site 2 to anything on SITE1 (PC's and Router). I can't however get anything to ping from Site1 one to Site2

From the SITE1 RTR if I ping the Site2 RTR it times out. However if I try the reverse, pinging site 1 rtr from site 2 it works.

I've tried swapping the profiles so Site1 is Dial-out and site2 is dial-in but the same problem occurs.

Draytek 2820
SITE 1:
SUBNET : 10.0.0.x / 16
ROUTER IP: 10.0.0.1
LAN to LAN PROFILE: Dial-in IPSEC TUNNEL
REMOTE NETWORK IP: 192.168.3.0
REMOTE NETWORK MASK: 255.255.255.0

DRAYTEL 2830
SITE 2:
SUBNET : 192.168.3.x / 24
ROUTER IP: 192.168.3.250
LAN to LAN PROFILE: Dial-out IPSEC TUNNEL
REMOTE NETWORK IP: 10.0.0.0
REMOTE NETWORK MASK: 255.255.0.0

There are a couple of things that can cause this - first of all turn off the firewall under Firewall - General Setup, on there set the Data Filter to Disable and see if that allows two way pings, if it does then maybe you've got block rules set up that are blocking traffic going in the other direction.

Also check whether the firewall on the machines on the side could be blocking the traffic - you can confirm that if you're able to ping the router IP but not the other PCs on the network.

The other in this case would be if you're using a PPTP VPN and the username of the VPN is the same as a remote dial-in user. This would then establish as a NAT mode VPN and work in one direction only.