Topic: IPSEC VPN ISSUE (site to site VPN only works one way) (Read 7150 times)

Spdskt · « **on:** January 24, 2013, 08:16:47 PM »

I have two DSR 500N units and have configured a site to site ipsec VPN tunnel. On one side I am using the DHCP server in the router with a ip address subnet of 10.1.2.1/24 on the other side I have DHCP turned of in the router and am using server 2008r2 as the DHCP server. From the side using the router DHCP everything seems to work fine I can connect over the VPN to resources on the server 2008r2 side however from the Server 2008 the only thing I can connect to is router. I can't connect to anything behind the router. I assume this has something to do with not using the DHCP server on the router but I can't figure out how to get around it? I am running firmware 1.04B58_ww Hardware Version A1. I have another issue that I believe is related to this but far less important. The unit the DHCP turned off does not hand out ip address from my server 2008 machine over the wifi network. This was easy to fix by just adding a separate wifi access point but it doesn't explain what the issue is.

HELP!

FurryNutz · « **Reply #1 on:** January 25, 2013, 09:54:05 AM »

Link>Welcome!
What Hardware version is your router? Look at sticker under router.

What region are you located?

What ISP Service do you have? Cable or DSL?
What ISP Modem make and model do you have?

Test with BOTH routers using DHCP and not using the Server 2008 as the DHCP server. Does the connections work in both directions?

Spdskt · « **Reply #2 on:** January 30, 2013, 12:07:33 PM »

Thank you for checking on this I really appreciate it.

Both DSR500N's are hardware version v1 and both are currently running 106B53_WW .
Both units have static IP addresses from Comcast Business fiber.
I am in the USA One unit is in Utah the other Virginia. I am using a DGS-3120-24TC-EI as my "Modem" to Comcast.....

The VPN tunnel works fine if I enable DHCP on both routers and allow them to hand out addresses. Unfortunately I can't allow the DSR to be the DHCP server on the main office side? Currently that is being handled be a Server 2008R2 box.
Is there a routing table that I can change or view in the DSR?

Thank you,
Brian

Spdskt · « **Reply #3 on:** January 31, 2013, 05:16:55 PM »

I have gotten this all working and need to make a correction to my previous post one of the units was NOT updated to the latest firmware. Both units are now running the latest firmware and work perfectly.

FurryNutz · « **Reply #4 on:** January 31, 2013, 05:44:10 PM »

Glad you got it working. Will come in handy for those with 2 of the same units.

Enjoy.

D-Link Forums

News:

Author Topic: IPSEC VPN ISSUE (site to site VPN only works one way) (Read 7150 times)

Spdskt

IPSEC VPN ISSUE (site to site VPN only works one way)

FurryNutz

Re: IPSEC VPN ISSUE (site to site VPN only works one way)

Spdskt

Re: IPSEC VPN ISSUE (site to site VPN only works one way)

Spdskt

Re: IPSEC VPN ISSUE (site to site VPN only works one way)

FurryNutz

Re: IPSEC VPN ISSUE (site to site VPN only works one way) (RESOLVED)