Odd VPN problem

[Frostex]

Hi, I have a setup at work with several offices around the world and I've set up VPN connections between them.

We have a central office in the UK, and so far I've setup connections to offices in boston and SanDiego. The UK office runs a PC running linux as the router since we're bonding ADSL lines (which all works fine) and I've used the webmin interface to create VPN connections (tunnels) to both other offices.

The other 2 offices both have fairly average VPN routers installed for web access, the tunnels terminate there. All the networks have different subnets so we can access devices across the tunnels using the real IP's, everything works from UK outbound, including connecting to the SBS servers in Boston and SanDiego, but while RDP into them servers I cannot ping anything on our local UK network, including my own PC.

Anyone know the likely cause of this? It appears that their end just doesnt know the route back to our network...

Thanks

 

[MorfiusX]

Are they Cisco devices? If so, you have to create another IPSec rule for ICMP as it is a separate protocol from TCP.

 

[Frostex]

Nope, not that good im afraid...they're actually netgear routers.

At our end (UK) the firewall should let everything through the VPN, in fact the tunnel should terminate on the LAN side of the firewall so no traffic between the 2 networks is blocked, at least thats how I understand it. Either way IMCP is enabled on firewall to allow the other offices to ping its external IP...

I'm a bit baffled its like the tunnel only works one way, except that we can RDP into machines on their end which is obviously sending data back to our network so we can see what is going on...doesn't make much sense to me.

 

[Frostex]

Ah never mind I've got it...

The firewall at our end needed additional rules adding to allow the vpn traffic back through

I was under the assumption that the tunnel terminated inside the network at our end and wasn't effected by the firewall on the router but obviously it is, my bad.