Site-to-Site PPTP VPN connection between two Windows Server 2008 R2 servers

Posted by steve_eyre on Server Fault See other posts from Server Fault or by steve_eyre
Published on 2014-06-07T11:09:08Z Indexed on 2014/06/07 15:26 UTC
Read the original article Hit count: 419

We have two Windows Server 2008 R2 machines, one in our main office and one in a new office which we have just moved offsite. The main office has previously been handling client-to-server PPTP VPN connections.

Now that we have moved our second server out of office, we want to set up a demand-dial or persistent VPN connection from the second server to the primary. Using a custom setting RRAS profile, we have successfully managed to set up a site-to-site VPN connection so that from the second server itself, it can access any of the devices in the main office and communicate back. However, any connected machines in the second office cannot use this connection, even when using the second server as gateway.

The demand-dial interface is setup from the Second Server dialing into Main Server and a static route set up on RRAS for 192.168.0.0 with subnet mask 255.255.0.0 pointing down this network interface.

The main office has the network of 192.168.0.0/16 (subnet mask 255.255.0.0). The second office has the network of 172.16.100.0/24 (subnet mask 255.255.255.0).

What steps do we need to take to ensure traffic from the second office PCs going towards 192.168.x.x addresses use the VPN route? Many Thanks in advance for any help the community can offer.

Debug Information

Here is the route print output from the second server:

===========================================================================
Interface List
 23...........................Main Office
 22...........................RAS (Dial In) Interface
 16...e0 db 55 12 fa 02 ......Local Area Connection - Virtual Network
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0   172.16.100.250   172.16.100.222    261
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
 <MAIN OFFICE IP>  255.255.255.255   172.16.100.250   172.16.100.222      6
     172.16.100.0    255.255.255.0         On-link    172.16.100.222    261
   172.16.100.113  255.255.255.255         On-link    172.16.100.113    306
   172.16.100.222  255.255.255.255         On-link    172.16.100.222    261
   172.16.100.223  255.255.255.255         On-link    172.16.100.222    261
   172.16.100.224  255.255.255.255         On-link    172.16.100.222    261
   172.16.100.225  255.255.255.255         On-link    172.16.100.222    261
   172.16.100.226  255.255.255.255         On-link    172.16.100.222    261
   172.16.100.227  255.255.255.255         On-link    172.16.100.222    261
   172.16.100.228  255.255.255.255         On-link    172.16.100.222    261
   172.16.100.229  255.255.255.255         On-link    172.16.100.222    261
   172.16.100.230  255.255.255.255         On-link    172.16.100.222    261
   172.16.100.255  255.255.255.255         On-link    172.16.100.222    261
      192.168.0.0      255.255.0.0   192.168.101.87   192.168.101.17    266
   192.168.101.17  255.255.255.255         On-link    192.168.101.17    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    172.16.100.222    261
        224.0.0.0        240.0.0.0         On-link    172.16.100.113    306
        224.0.0.0        240.0.0.0         On-link    192.168.101.17    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    172.16.100.222    261
  255.255.255.255  255.255.255.255         On-link    172.16.100.113    306
  255.255.255.255  255.255.255.255         On-link    192.168.101.17    266
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0    192.168.0.200  Default
          0.0.0.0          0.0.0.0   172.16.100.250  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 16    261 fe80::/64                On-link
 16    261 fe80::edf4:85c6:3c15:dcbe/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    261 ff00::/8                 On-link
 22    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

And here is the route print from one of the second office PCs:

===========================================================================
Interface List
 11...10 78 d2 32 53 27 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0   172.16.100.250   172.16.100.103     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
     172.16.100.0    255.255.255.0         On-link    172.16.100.103    266
   172.16.100.103  255.255.255.255         On-link    172.16.100.103    266
   172.16.100.255  255.255.255.255         On-link    172.16.100.103    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    172.16.100.103    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    172.16.100.103    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    266 fe80::/64                On-link
 11    266 fe80::e973:de17:a045:aa78/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

© Server Fault or respective owner

Related posts about windows-server-2008

Related posts about vpn