×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Newbie - Site to Site VPN - What am I missing?

Unanswered Question
Jan 25th, 2007
User Badges:

I have created a site to site VPN between two 851 routers. First subnet is 10.10.11.0 and the second is 10.10.10.0. What do I need to do to be able to make the two networks look as one?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Thu, 01/25/2007 - 22:54
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi Joe


Site to site VPN's are used to allow subnets at different sites communicate with each other. They don't make the network look as one as such.


What is the exact problem. Can you not communicate between the two networks. If this is the case could you send copies of the configs of your 851 routers. Be sure to remove any sensitive info such as keys, public IP addresses etc.


Jon

joekennedy62 Fri, 01/26/2007 - 06:51
User Badges:

This is for a school that has two buildings (too far apart to run cable). I can ping the router from either side. However, the teachers in one building need to connect to a computer in the other building to load student attendance. Using windows they connect to a shared folder and run an application.


I can ping the router from either side - just can't connect to the shared drive on the computer.


I'll post router config after I get it (probably over the weekend).


Thanks.

r.docuyanan Thu, 02/01/2007 - 18:18
User Badges:

Hi Joe,


Before you post the config, make sure that you have an access-list that prevents the Natting of Source traffic from one building to another building.


You need to excempt this traffic in order for LAN to LAN communication to work. Though you can ping the router interface.



Btw you need to do this vice-versa


see if the nat excemptions work. Don't use the same access-list you use to create for your VPN Tunnel, use a new one for the nat excemptions

Actions

This Discussion