SmallNetBuilder Forums
Go Back   SmallNetBuilder Forums > LAN & WAN > Routers

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 11-19-2012, 03:55 AM
Nick Nick is offline
New Member
 
Join Date: Nov 2012
Posts: 2
Thanks: 1
Thanked 0 Times in 0 Posts
Nick is just starting out
Question VPN Client Can't Ping LAN Clients After Replacing LAN Router

Hi, I just replaced my old router (TRENDnet TEW-633GR) with an ASUS RT-N66U. I've copied over all of my settings (port forwarding, static routes, etc) to get the new router set up and running. However, I'm having issues with VPN clients not being able to communicate with LAN clients. I'm using Windows Server 2008 R2 Standard RRAS as the VPN server, and it was working fine until I replaced the router.

First, a few IP addresses on the LAN:
Router: 192.168.1.1
VPN Server: 192.168.1.76 and 192.168.128.2 (Single NIC; this server also handles DHCP, DNS, and file/print sharing.)
VPN Client: 192.168.128.3
LAN Desktop: 192.168.1.50 and 192.168.1.51 (Dual NICs)
LAN Laptop: 192.168.1.204 (or 192.168.1.244 when connected through VPN)

The VPN client (another server running Windows Server 2008 R2 Web edition) is unable to ping anything except the VPN server (either of its IPs work), the router, and any other VPN clients. However, any of the directly-connected LAN clients (such as 192.168.1.50) can ping the VPN client, and it will respond. Even though my desktop and laptop are connected directly to the LAN, if I connect to the VPN server on either of them, I can access the remote VPN client that way. Firewalls and client machine software/configurations should be mostly ruled out since it worked with the old router. Oddly enough, the router and VPN client can ping each other both ways without issue. I am using the stock ASUS firmware that came with the router as well.

Any ideas on what could be causing this?

Thanks!
Reply With Quote
  #2  
Old 11-19-2012, 04:36 AM
Nick Nick is offline
New Member
 
Join Date: Nov 2012
Posts: 2
Thanks: 1
Thanked 0 Times in 0 Posts
Nick is just starting out
Default

Turns out the router's firewall was dropping packets from the VPN clients (possibly because they're on a different subnet or because of how the VPN server adds clients to the network). Oddly enough, nothing was showing up in the firewall logs about it dropping these packets.

Anyhow, I was able to fix it by running iptables -t nat -A POSTROUTING -o br0 -s 192.168.0.0/16 -d 192.168.0.0/16 -j MASQUERADE on the router. (By default, it had 192.168.1.0/24.) I was able to figure this out thanks to lfbb's post regarding a related issue.

Last edited by Nick; 11-19-2012 at 04:46 AM.
Reply With Quote
Reply

Tags
ping, router, routing, vpn

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


All times are GMT -4. The time now is 08:21 PM.


Top 10 Stats
Top Posters* Top Thanked
RMerlin  494
azazel1024  164
KGB7  140
stevech  139
sinshiva  112
hggomes  92
microchip  86
sm00thpapa  85
philmiami  82
Kel-L  81
RMerlin  5503
stevech  322
ryzhov_al  262
TeHashX  214
L&LD  188
RogerSC  187
sinshiva  139
joegreat  123
jlake  122
sfx2000  118
Most Viewed Threads* Hottest Threads*
Old Asuswrt-Merli...  73015
Old Asuswrt-Merli...  58289
Old Asuswrt-Merli...  15516
Old Asus locking...  8702
Old ASUS...  6458
Old Incoming...  5855
Old [Fork]...  5486
Old Asus...  4929
Old NETGEAR...  4534
Old How many of...  4445
Old Asuswrt-Merli...  392
Old Asuswrt-Merli...  389
Old Asus locking...  125
Old Asuswrt-Merli...  109
Old [Fork]...  58
Old Asus...  51
Old ASUS...  48
Old NETGEAR...  47
Old How many of...  47
Old Inherited PC...  45


Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
© 2006-2014 Pudai LLC All Rights Reserved.