Site-to-Site VPN with Win2K

0 Votes

Site-to-Site VPN with Win2K


We have four branches connecting via ADSL VPN to the Head Office.

Each side has an NetGear DG834GT ADSL Router and Windows 2000 is acting as the VPN server at each side.

From a VPN perspective all is working 100%.

Yet, as we do not have our own static ip's for mail hosting, the mail server is situated on the Net at our ISP.

All four branches could VPN to Head Office and use their local ADSL connection to retrieve e-mail from the ISP or browse the web.

Now for the second time, the one branch can VPN to Head Office, but can't retrieve their e-mail via the ADSL...

From this "faulty" branch's VPN server, I can VPN to HO and connect to the Net when directly on the server.

Yet any client machines behind the VPN server can not connect to the internet. (In the past they could though). Any packets send to the Net is simply terminated at the near side of the VPN server. Pinging the far side of the VPN server allows for ICMP replies, yet NO packet GOES NO FURTHER...

The "Enable IP Routing" is ticked within the "IP tab" under the Routing and Remote Access Properties.

Even the "IPEnableRouter" is set to 1 within the Registry.

ISA server is NOT installed at any of the servers, with no funny firewall....

I am aware that VPN dial-up clients is NOT allowed to do "split tunneling". (Intranet and Internet at the same time)

But this is a site-to-site VPN setup, of which they could connect to the Net via their ADSL connection and VPN to the HO in the past. Now I can't fix it....

Any guys/gals with knowledge out there to help fix this?

Will be greatly appreciated.