Re: Site to Site VPN Issues (Can't ping)
Posted: Thu Apr 07, 2016 1:33 pm
[update: the L3 suddenly start working and I don't know what did it. I did add a static route via CMD to the server running the SoftEther VPN Server destination network 192.168.1.0 via 192.168.1.254 but it still didn't work so removed the route and it was then that it started working. I am fairly perplexed but happy right now!]
Hello! I've got a similar issue but perhaps it's my lack of understanding of the relation between Virtual Hub, Virtual L3 Switch, and Virtual Interface. Anyhow, I've got the cascaded bridge going from a site (192.168.1.0) to the VPN server (192.168.2.0). I have a virtual interface on the L3 Switch assigned to this bridge hub at 192.168.1.254 and a VI on this L3 assigned to a second hub at 192.168.2.254. Without any static routes, I can ping the opposite site's VI from either side after adding static routes into the physical routers pointing 192.168.x.0 to the VI. However, when I try to ping a host on 192.168.1.0 from the VPN server side 192.168.2.0, I see a TTL expired message. Strangely, I see a destination host unreachable when doing the same to 192.168.2.0 from a machine on the 192.168.1.0 side. Adding static routes does not seem to have any affect. Does this need to be set up differently? Please excuse my inexperience, I have searched and searched and would not bother anyone here if I was able to find prior information :)
Thank you for any thoughts!
edit- Strangely the 192.168.1.0 can ping one of the machines on 192.168.2.0 and only this one:
Hello! I've got a similar issue but perhaps it's my lack of understanding of the relation between Virtual Hub, Virtual L3 Switch, and Virtual Interface. Anyhow, I've got the cascaded bridge going from a site (192.168.1.0) to the VPN server (192.168.2.0). I have a virtual interface on the L3 Switch assigned to this bridge hub at 192.168.1.254 and a VI on this L3 assigned to a second hub at 192.168.2.254. Without any static routes, I can ping the opposite site's VI from either side after adding static routes into the physical routers pointing 192.168.x.0 to the VI. However, when I try to ping a host on 192.168.1.0 from the VPN server side 192.168.2.0, I see a TTL expired message. Strangely, I see a destination host unreachable when doing the same to 192.168.2.0 from a machine on the 192.168.1.0 side. Adding static routes does not seem to have any affect. Does this need to be set up differently? Please excuse my inexperience, I have searched and searched and would not bother anyone here if I was able to find prior information :)
Thank you for any thoughts!
edit- Strangely the 192.168.1.0 can ping one of the machines on 192.168.2.0 and only this one: