VPN Routing

[atreus769]

Ok, please bare with me I don't know much about networking but i've been put in charge to do this.

Our software that we use for our business connects to a remote location through a vpn tunnel. Our local network is 172.22.12.0/255.255.255.0. The router for the remote location is 172.22.12.1/255.255.255.0. For our software to work at our main office every computer(Windows XP) has a route add 172.21.1.0 mask 255.255.255.0 172.22.12.1 which allows them to use the software. We now have a branch office that connects to us through a VPN tunnel. Their local network is 172.22.11.0. After setting up the VPN tunnel, we are using router to router for it, I tried to do the route add 172.21.1.0 mask 255.255.255.0 172.22.12.1 but the computer wouldn't let me because the gateway does not lie on the same network. Now if i make the vpn tunnel so that it is going to the remote network of 172.21.1.0 it works great but then they can't use the local network at all. How can I fix this? We are using Windows XP SP2 for our OS and DI-804HV for our VPN routers.
This is how it is setup right now:

Branch Office Main Office
172.22.11.0 -> VPN -> 172.21.1.0
This allows them to use the software but not access the network, i.e. the server

This is how I want to set it up so they can use the software and access the network

Branch Office Main Office
172.22.11.0 -> VPN -> 172.22.12.0
Then have the routes 172.21.1.0 -> 172.22.12.1 for the branch office

 

[msworld]

I am not sure I understand your networks, but you need at least two route. One go to 172.22.12.0 and another other one to go 172.21.1. Also make sure the route cab be return. This post may help,

internetworking routing
Routing in an Internetwork 1/3. In this example, there are three networks and two ... Q: Internetworking Routing. Hello, need your help on this one, please. ...

http://www.chicagotech.net/Q&A/vpn18.htm

Bob Lin, MS-MVP, MCSE & CNE
How to Setup Windows, Network, VPN & Remote Access on

http://www.HowToNetworking.com

 

[atreus769]

I'll try to see if I can explain it a little better.

At the Main Office our network look likes this:
Router: 172.22.12.30
Server: 172.22.12.50

Our software connects to a 3rd party through a vpn the router for that is 172.22.12.1. There are two ip's that we use to connect to, they are 172.21.1.6 and 172.29.13.14. So I have 2 persistent static routes on every machine by doing:
route add 172.21.1.0 mask 255.255.255.0 172.22.12.1 -p
route add 172.29.13.0 mask 255.255.255.0 172.22.12.1 -p

Our branch office network looks like this:
Router 172.22.11.10

They do not have a server there but we have 2 vpn routers at both locations. The PC's at the branch office needs access to the same addresses as the PC's at the main office so this is what I try:
route add 172.21.1.0 mask 255.255.255.0 172.22.12.1 -p
route add 172.29.13.0 mask 255.255.255.0 172.22.12.1 -p

But whenever I do that I get an error saying that the gateway does not lie on the same network. I need the branch office PC's to be able to access these two addresses through the gateway of 172.22.12.1 and I need them to be able to access the Main office internal network also of 172.22.12.0

 

[ShoKashuki]

Ever resolve this? It looks like the thread dies without giving you an answer.

 

[atreus769]

Yes I did finally resolve this. I ended up having to put 3 different routers at our Main office and setup 3 different VPN tunnels on the remote office router for each network.