VPN Fails with two external networks?

Moderator: Qbik Staff

Postby Schellevis » Aug 03 04 1:49 am

Hi,

I just added a second DSL-line to our Wingate 5.2.3 server (latest 5-version and build). Now this machine is connected via a nic to our internal network, via a second nic to an ADSL-line and via a third nic to an SDSL-line. The purpose is to use the ADSL-line for normal Internet traffic and hosted VPNs. The added SDSL-line is just for a SQL-server (port 1493).

Everything looked normal after installation of the third nic. I changed all the services to use the nic connected to the ADSL-line instead of 'use every available line'. To test things I created a www-proxy listening on port 81 instead of 80 and directed this service over the SDSL. In Internet Explorer I changed to use port 81 and there it goes, over the SDSL line.

So far so good. But .... VPN doesn't work anymore: connections can be made, but that's it; all PCs and server are not reachable. When I disable the new third network card everything is OK again.

Could it be that VPN is getting confused by this third nic? E.g. is it trying to get out over another IP address (over the third nic) than the original connection connected to (the second nic)?

Thanks for your help,

Bas.
Schellevis
 
Posts: 11
Joined: Oct 21 03 1:47 am

Postby adrien » Aug 03 04 3:25 am

Hi

It's quite possible that the second default gateway setting is confusing WinGate VPN's routing.

How do you specify which services are to use which gateway? Or is this second gateway for inbound connections only?

If the incoming connections are always coming from the same range of IP addresses, you could configure a static subnet route for them to go through the SDSL line, rather than having a default route pointing to that device.

Otherwise, have you tried WinGate 6.0 for this? It handles multiple default routes a lot better.

Adrien
adrien
Qbik Staff
 
Posts: 5448
Joined: Sep 03 03 2:54 pm
Location: Auckland
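
The routing effect behind the suggestion in the post above (a static subnet route instead of a second default route), as an added example that is not part of the thread and not WinGate code. It models a generic routing-table lookup (longest prefix, then lowest metric) and does not model WinGate VPN's internals; all addresses, metrics and the interface labels `adsl`/`sdsl` are constructed.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network
    interface: str   # constructed labels: "adsl" or "sdsl"
    metric: int

def route(cidr, interface, metric):
    return Route(ipaddress.ip_network(cidr), interface, metric)

def select_route(table, dest):
    """Generic lookup: longest prefix wins, lowest metric breaks ties."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in table if addr in r.network]
    if not matches:
        return None
    return min(matches, key=lambda r: (-r.network.prefixlen, r.metric))

def asymmetric_flows(table, flows):
    """Flows whose reply leaves on a different interface than the request arrived on."""
    bad = []
    for peer, arrived_on in flows:
        chosen = select_route(table, peer)
        if chosen is None or chosen.interface != arrived_on:
            bad.append((peer, arrived_on, chosen.interface if chosen else None))
    return bad

# Constructed sample data (documentation address ranges, made-up metrics).
FLOWS = [
    ("203.0.113.25", "adsl"),   # VPN peer connecting over the ADSL line
    ("198.51.100.40", "sdsl"),  # SQL client connecting over the SDSL line
]
TWO_DEFAULTS = [
    route("0.0.0.0/0", "adsl", 20),
    route("0.0.0.0/0", "sdsl", 10),  # assumed: the newly added NIC is preferred
]
STATIC_SUBNET = [
    route("0.0.0.0/0", "adsl", 20),        # single default route
    route("198.51.100.0/24", "sdsl", 10),  # known SQL client range only
]

if __name__ == "__main__":
    print("two defaults :", asymmetric_flows(TWO_DEFAULTS, FLOWS))
    print("static subnet:", asymmetric_flows(STATIC_SUBNET, FLOWS))
```
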

Postby Schellevis » Aug 03 04 6:03 am

Hi Adrien,

In each service on the Interface-tab I've set 'Connections to be made out on the following interface only' to the ADSL-nic except for the SQL-service which points to the SDSL-nic.

Both lines are for inbound and for outbound connections and mostly from different IP addresses.

I'm missing an option to configure VPN through a specific gateway, like the above tab (Connection to be made out only) in services.

Tonight I'll try to set Wingate VPN to port 8809 and I'll create a service listening on the original VPN-port (809) and redirecting this traffic to port 8809. This way I'll be able to control which nic VPN uses.

Otherwise I'll try Wingate 6?!

Thanks, Bas.
Schellevis
 
Posts: 11
Joined: Oct 21 03 1:47 am

Postby Schellevis » Aug 10 04 11:53 pm

Earth calling Adrien ... ;-)

Well, while waking you up, I might as well give you an update:

- Creating a redirecting service seems to be too difficult, things are getting confused with each other;
- An update to Wingate 6 doesn't solve the problem, nice though (*not*): the update expires all VPN certificates! Fortunately I made an export of the registry, downgrading was a piece of cake;

I ended up installing a second pc with another instance of Wingate. For the time being, this works.

Bas.
Schellevis
 
Posts: 11
Joined: Oct 21 03 1:47 am

Postby Schellevis » Sep 15 04 9:37 pm

Hello Qbik?!

It's over a month now since the last reaction ....

Please help!
Schellevis
 
Posts: 11
Joined: Oct 21 03 1:47 am
