
Why isn't this VPN working?! NSF56k

override367 ALL minions Registered User regular
Basically I have 2 offices, one in one town, one in another. Both offices have static IP addresses and identical Belkin F9K1004 VPN routers.

I have set up a Gateway to Gateway IPSEC VLAN that, by all accounts, is connected. The problem is, location 1 only ever receives packets and location 2 only ever sends them, never vice versa. Obviously the VLAN itself is non-functional; devices on one side cannot interact with devices on the other.


Anyway, here is how the VLANs are currently set up:

Router LAN config for Office 1:

vpn1config_zpscd0c273b.png

VLAN config for Office 1:

vpn1c_zpsb901fdc2.png
vpn1_zps46bd3538.png
vpn1b_zpsa777b7e5.png
vpn1d_zps5f606f3f.png

Router LAN config for Office 2:

vpn2config_zpsfa74834d.png

VLAN config for Office 2:

vpn2b_zps23d2ccf3.png
vpn2_zpsbeb28c28.png
vpn2aa_zpsc6613a30.png
vpn2c_zps6243346c.png

I'm sitting here at 1:30, supposed to get up for work in 5:30 and got a knot in my stomach over this. I've been doing work for this business for a year now and I just can't find a way to disentangle myself from them. I just want to get this goddamn VLAN working and cut ties with them forever. Networking is not my area of expertise, but since I'm their "computer guy" all their hopes and dreams apparently rest with me.

If anyone can figure out why this is not working and I can get it working, I will buy you a game of your choice on Steam ($50 or less).


Posts

  • electricitylikesme Registered User regular
    Have you tried running Wireshark on both sides?

    What do packets traversing the VLAN (one-way) look like they're doing (and conversely, do you see any weird returns for packets from the non-sendy side?)

    Also: firewall settings. If you've got packets only going one way, check the firewall settings on the router. If I recall right, most of these things treat firewall settings completely separately (and do all sorts of weird things as a result).

  • override367 ALL minions Registered User regular
    Both routers have their firewalls disabled, aaand I can't connect to one of the offices for some reason, so I'm going to have to drive down there tonight

    fuck

  • override367 ALL minions Registered User regular
    edited January 2013
    How do I find out what the packets are doing? They're only being sent from router to router, near as I can tell

    I've got the VLAN connected and it's still derping along

    Edit: the Comcast modem they have is actually a fully fledged gateway as well. It's possible that it has a firewall on it, but the default login/pw I found online doesn't work for it. Gonna call Comcast and, fuck it, just order them a Comcast business VPN. He'll thank me later

  • SeñorAmor !!! Registered User regular
    Just throwing this out here (I'm no VPN expert), but can you have your IPs end in a zero? Both of your endpoints have a zero as the last octet (192.168.0.0 and 192.168.1.0). Unless that area is just specifying the range, I don't think that's right.

  • override367 ALL minions Registered User regular
    That's not the IPs, that's just specifying the subnet; the respective IPs are filled in by the router on the other end (they're the same on the VPN as their home network)

    I managed to get it working. Something is blocking network discovery and NAT, but direct XXX.XXX.XXX.XXX\C$ shares work so

    good enough

  • SiliconStew Registered User regular
    If you don't have internal DNS servers so the computers in office 2 know what exists in office 1 and vice versa, you can only use IP addresses to connect. Also, machine queries utilizing broadcast packets do not cross subnets by design, unless you have VPN settings that specifically allow broadcast traffic across the VPN.

    Also, you've got public IPs on both ends, no reason to be using NAT Traversal.

    Not sure what you mean by "something is blocking NAT".

    Just remember that half the people you meet are below average intelligence.
  • override367 ALL minions Registered User regular
    edited February 2013
    Networking isn't really my thing, I took Cisco 10 years ago lol

    but all is well so no biggie

    edit: they had an internet problem whenever it was up that was driving me crazy, but it turned out Charter was at fault
