1

I have a Server 2008 R2 machine connected to 2 networks with its 2 network cards.

LAN: 192.168.2.0/24

SAN: 192.168.168.0/24

I have a site-to-site VPN with the following network layout:

VPN: 192.168.4.17/29

For some reason whenever my server pings the VPN network it times out most of the time. Machines on my LAN that aren't connected to the SAN have no problem communicating with the VPN. If I disable the SAN network card on the server, it also has no problems communicating with the VPN network.

I've attempted to add a static route to ensure traffic passes through the LAN interface to reach the VPN network but it worked for 2 ping attempts then stopped. Here's my routing table:

```
===========================================================================
Interface List
 12...00 50 56 aa 00 03 ......Intel(R) PRO/1000 MT Network Connection #2
 10...00 50 56 aa 00 02 ......Intel(R) PRO/1000 MT Network Connection
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1     192.168.2.47    266
          0.0.0.0          0.0.0.0    192.168.168.5   192.168.168.30    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.2.0    255.255.255.0         On-link      192.168.2.47    266
     192.168.2.47  255.255.255.255         On-link      192.168.2.47    266
    192.168.2.255  255.255.255.255         On-link      192.168.2.47    266
     192.168.4.17  255.255.255.255      192.168.2.1     192.168.2.47     11
    192.168.168.0    255.255.255.0         On-link    192.168.168.30    266
   192.168.168.30  255.255.255.255         On-link    192.168.168.30    266
  192.168.168.255  255.255.255.255         On-link    192.168.168.30    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.2.47    266
        224.0.0.0        240.0.0.0         On-link    192.168.168.30    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.2.47    266
  255.255.255.255  255.255.255.255         On-link    192.168.168.30    266
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0      192.168.2.1  Default
          0.0.0.0          0.0.0.0    192.168.168.5  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
```

I'm attempting to define it so that any time 192.168.4.X needs to be reached, the packets will be sent to 192.168.2.1 which is my SonicWall router where the VPN is connected. What am I doing wrong?

1
  • Get rid of the Default Gateway on the SAN NIC. Commented Jan 30, 2014 at 18:57

2 Answers

1

Stick to one default gateway, and then add your static routes based on which gateway you go with. So if you keep the 192.168.2.1 as your Default Gateway and remove the 192.168.168.5 you'll need to add routes for any subnet that isn't directly connected to that 192.168.168.0/24 network you have direct access to if you want to reach it via that NIC.

3
  • I have no idea why the 192.168.168.5 network also has a default gateway assigned. Windows did that on its own. I guess I need to delete it then. How do I make this change persistent? Commented Jan 30, 2014 at 17:35
  • If it is getting a DHCP address, you can't. You have to assign the IP statically and then not set a Default Gateway on that NIC. Commented Jan 30, 2014 at 19:22
  • It wasn't using DHCP. Solved it myself with: `route delete 0.0.0.0`, `route add 0.0.0.0 0.0.0.0 192.168.2.1`, `route add 192.168.4.17 192.168.2.1 -p`. Commented Jan 30, 2014 at 19:53
1

The problem is that you have two default gateways here. I answered a question just like that a day or two ago.

Setting a static route for a specific network adapter with two network adapters

What you want to do is to have only one of the two network adapters with a default gateway. At that point, all traffic for other networks will route through that adapter which has the default gateway.

If you then want to route 192.168.4.x through the other interface, you can add a route that sends that traffic to the gateway of your choice. If that gateway is on the same subnet as your interface which does not have a default gateway defined, then it will go through that interface.
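Added example, not part of the original question or answers: a small Python check that applies longest-prefix match and then lowest metric to the unicast rows of the question's route table and reports every interface left tied for a destination. The function names are hypothetical; the sketch models table lookup only, not how Windows breaks a tie. It shows that the /32 host route covers 192.168.4.17 alone, while any other address in the VPN subnet falls back to the two equal-metric default routes until the SAN gateway is removed.

```python
import ipaddress

# Unicast rows of the Active Routes table from the question's `route print`
# (columns: destination, netmask, gateway, interface, metric).
ROUTE_PRINT = """\
      0.0.0.0          0.0.0.0      192.168.2.1     192.168.2.47    266
      0.0.0.0          0.0.0.0    192.168.168.5   192.168.168.30    266
  192.168.2.0    255.255.255.0         On-link      192.168.2.47    266
 192.168.4.17  255.255.255.255      192.168.2.1     192.168.2.47     11
192.168.168.0    255.255.255.0         On-link    192.168.168.30    266
"""

def parse_routes(text):
    """Parse 5-column IPv4 route rows; skip headers and separators."""
    routes = []
    for line in text.splitlines():
        cols = line.split()
        if len(cols) != 5:
            continue
        try:
            net = ipaddress.ip_network(f"{cols[0]}/{cols[1]}")
            metric = int(cols[4])
        except ValueError:
            continue
        routes.append({"net": net, "gw": cols[2], "iface": cols[3], "metric": metric})
    return routes

def best_routes(routes, dest):
    """Longest-prefix match, then lowest metric; returns every tied route."""
    ip = ipaddress.ip_address(dest)
    hits = [r for r in routes if ip in r["net"]]
    if not hits:
        return []
    longest = max(r["net"].prefixlen for r in hits)
    hits = [r for r in hits if r["net"].prefixlen == longest]
    lowest = min(r["metric"] for r in hits)
    return [r for r in hits if r["metric"] == lowest]

def egress_interfaces(routes, dest):
    """Interfaces the table allows for dest; more than one means a tie."""
    return sorted({r["iface"] for r in best_routes(routes, dest)})

def drop_gateway(routes, gw):
    """Model removing every route that points at one gateway."""
    return [r for r in routes if r["gw"] != gw]

if __name__ == "__main__":
    table = parse_routes(ROUTE_PRINT)
    for dest in ("192.168.4.17", "192.168.4.18"):
        print(dest, egress_interfaces(table, dest))
    fixed = drop_gateway(table, "192.168.168.5")
    print("192.168.4.18 after fix", egress_interfaces(fixed, "192.168.4.18"))
```

A destination that returns more than one interface is one the table cannot pin to a single NIC, which is the condition both answers tell the asker to eliminate on a host that straddles the LAN and the SAN.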
