Basically I have 2 offices, one in one town, one in another. Both offices have static IP addresses and identical Belkin F9K1004 VPN routers.
I have set up a Gateway to Gateway IPSEC VLAN that, by all accounts, is connected. The problem is, location 1 only ever receives packets and location 2 only ever sends them, never vice versa. Obviously the VLAN itself is non-functional; devices on one side cannot interact with devices on the other.
Anyway here is how the VLANs are currently set up
Router LAN config for Office 1:
VLAN config for Office 1:
Router LAN config for Office 2:
VLAN config for Office 2:
I'm sitting here at 1:30, supposed to get up for work in 5:30 and got a knot in my stomach over this. I've been doing work for this business for a year now and I just can't find a way to disentangle myself from them. I just want to get this goddamn VLAN working and cut ties with them forever. Networking is not my area of expertise but since I'm their "computer guy" all their hopes and dreams apparently rest with me.
If anyone can figure out why this is not working and I can get it working I will buy you a game of your choice on Steam ($50 or less).
What do packets traversing the VLAN (one-way) look like they're doing (and conversely, do you see any weird returns for packets from the non-sendy side?)
Also: firewall settings. If you've got packets only going one way, check the firewall settings on the router. If I recall right, most of these things treat firewall settings completely separately (and do all sorts of weird things as a result).
Both routers have their firewalls disabled, aaand I can't connect to one of the offices for some reason so I'm going to have to drive down there tonight
How do I find out what the packets are doing? They're only being sent from router to router near as I can tell
I've got the VLAN connected and it's still derping along
Edit: the Comcast modem they have is actually a fully fledged gateway as well, it's possible that it has a firewall on it, but the default login/pw I found online doesn't work for it. Gonna call Comcast and, fuck it, just order them a Comcast business VPN. He'll thank me later
Just throwing this out here (I'm no VPN expert), but can you have your IPs end in a zero? Both of your endpoints have a zero as the last octet (192.168.0.0 and 192.168.1.0). Unless that area is just specifying the range, I don't think that's right.
That's not the IPs, that's just specifying the subnet, the respective IPs are filled in by the router on the other end (they're the same on the VPN as their home network).
I managed to get it working, something is blocking network discovery and NAT but direct XXX.XXX.XXX.XXX\C$ shares work so
If you don't have internal DNS servers so the computers in office 2 know what exists in office 1 and vice versa, you can only use IP addresses to connect. Also, machine queries utilizing broadcast packets do not cross subnets by design, unless you have VPN settings that specifically allow broadcast traffic across the VPN.
Also, you've got public IPs on both ends, no reason to be using NAT Traversal.
Not sure what you mean by "something is blocking NAT".
Just remember that half the people you meet are below average intelligence.
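An added example, not part of any post in this thread: a short Python sketch of the point made above about subnets and broadcast discovery, using the two LAN subnets named in the thread. The /24 mask and the host addresses are assumptions made up for illustration.

```python
import ipaddress

# Subnets named in the thread; the /24 mask is an assumption.
OFFICE1 = ipaddress.ip_network("192.168.0.0/24")
OFFICE2 = ipaddress.ip_network("192.168.1.0/24")
SITES = {"office1": OFFICE1, "office2": OFFICE2}


def site_of(addr):
    """Return the name of the office LAN an address belongs to, or None."""
    ip = ipaddress.ip_address(addr)
    for name, net in SITES.items():
        if ip in net:
            return name
    return None


def is_usable_host(addr, net):
    """True for an assignable host; the .0 network and .255 broadcast addresses are not."""
    ip = ipaddress.ip_address(addr)
    return ip in net and ip not in (net.network_address, net.broadcast_address)


def reachability(src, dst):
    """Classify how src can find and reach dst over the gateway-to-gateway tunnel."""
    s, d = site_of(src), site_of(dst)
    if s is None or d is None:
        return "outside both LAN subnets: not carried by the tunnel"
    if s == d:
        return "same subnet: broadcast discovery and unicast both work"
    if ipaddress.ip_address(dst) == SITES[d].broadcast_address:
        return "remote broadcast: not forwarded across subnets"
    return "remote subnet: unicast by IP (or DNS name) only"


if __name__ == "__main__":
    # Constructed host addresses, one workstation per office.
    for src, dst in [("192.168.0.10", "192.168.0.11"),
                     ("192.168.0.10", "192.168.1.20"),
                     ("192.168.0.10", "192.168.1.255")]:
        print(f"{src} -> {dst}: {reachability(src, dst)}")
    print("192.168.1.0 usable as a host:", is_usable_host("192.168.1.0", OFFICE2))
```

This matches what the thread ended up with: a share addressed by IP crosses the tunnel, while broadcast-based network discovery stays inside each office's subnet.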
What do packets traversing the VLAN (one-way) look like they're doing (and conversely, do you see any weird returns for packets from the non-sendy side?)
Also: firewall settings. If you've got packets only going one way, check the firewall settings on the router. If I recall right, most of these things treat firewall settings completely separately (and do all sorts of weird things as a result).
fuck
I managed to get it working, something is blocking network discovery and NAT but direct XXX.XXX.XXX.XXX\C$ shares work so
good enough
Also, you've got public IPs on both ends, no reason to be using NAT Traversal.
Not sure what you mean by "something is blocking NAT".
but all is well so no biggy
edit: they had an internet problem whenever it was up that was driving me crazy but it turned out Charter was at fault