[tt]
                        Main Office
 _______________                           _______________
|               |        __________        |               |
| 192.168.10.x  | <---> |Cisco 2600| <---> | 192.168.11.x  |
|               |       |  Router  |       |               |
|_______________|       |__________|       |_______________|
                             |
                             |
                             \/
                         __________
                        |          |
                        |          |
                        | Pix F/W  |
                        |__________|          /----------\
                             |               /            \
                             |              /              \
                             |-----------> |    Internet    |
                         VPN to 15          \              /
                                             \____________/
                                                  _
                                                  /|
                                                 /
 Remote Site                                    /  VPN to 10/11
 ____________________
|                    |      _____________
|                    |     |             |
|    192.168.15.x    | --> |   Pix F/W   |
|                    |     |_____________|
|____________________|
[/tt]
I have a problem with this site-to-site VPN. Pardon the primitive diagram!...
The main office site uses 192.168.10.x and 192.168.11.x, all with 255.255.255.0 subnet mask. The two subnets talk to each other over a Cisco 2600 multiport router. There is a single 2003 domain at this site, including both subnets.
I have a branch site which uses 192.168.15.x, mask 255.255.255.0. This site has a VPN connection established to the main office through a PIX 501. They have a 2003 server onsite and are on their own domain. I have established a two-way trust between here and the main office domain. DNS on each side includes a secondary zone for the OTHER side.
Here is my strange problem:
I cannot establish an RDP connection from the 192.168.11.x subnet to the 192.168.15.x subnet – unless and until I do a little trick.
I have to first establish an RDP connection to the 15 segment from the 10 segment. Then, I have to ping an address on the 11 segment from the 15 connection. After doing this, I can establish a connection from 11 to 15. However, I have to do this trick every day before I can establish a direct connection from 11 to 15.
It’s as though a route must be established from 15 to 10 to 11, each day.
BTW, this is NOT a DNS issue. It behaves identically, whether by name or IP address.
Anyone have any thoughts on this?