routing problem site to site

i have two server 2003 machines setup for site to site vpn
connections.

the first site has a subnet of 192.168.2.0
the second site has a subnet of 192.168.1.0
masks are 255.255.255.0 on all
the connections works fine and the static routes are configured as
follows

first site 192.168.2.0
second site 192.168.1.0

i am unable to ping from a client behind the first router and get a
response from a client on behind the opposing router. however i can
ping the other router with its respective ip address on the other
subnet, 192.168.1.110 from the client of 192.168.2.5. the reverse is
also true from the other side.

so i have clients on both networks that cannot see each other, but can
only see the router of the other subnet that it is connected to, and
nothing else.?

any suggestions?

How exactly did you set up these static routes? Are they linked to the
demand-dial interfaces?

The standard approach is to link a subnet route for the "other" subnet
to the demand-dial interface. When a connection is made, these routes are
added to the routing table.

So here is a check list.
1. Does each RRAS router have a subnet route to the "other" subnet linked to
its demand-dial interface?
2. When the VPN connects, are both dd interfaces bound to the connection (ie
do they change to "connected" status)?
3. If both interfaces are connected, are the static routes added to the
routing table?
4. Is the RRAS router the default gateway of the LAN?

When the connection is up, the VPN link should work just like a simple
IP router.

"daane" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) om...
> i have two server 2003 machines setup for site to site vpn
> connections.
>
> the first site has a subnet of 192.168.2.0
> the second site has a subnet of 192.168.1.0
> masks are 255.255.255.0 on all
> the connections works fine and the static routes are configured as
> follows
>
> first site 192.168.2.0
> second site 192.168.1.0
>
> i am unable to ping from a client behind the first router and get a
> response from a client on behind the opposing router. however i can
> ping the other router with its respective ip address on the other
> subnet, 192.168.1.110 from the client of 192.168.2.5. the reverse is
> also true from the other side.
>
> so i have clients on both networks that cannot see each other, but can
> only see the router of the other subnet that it is connected to, and
> nothing else.?
>
> any suggestions?

everything is setup the way you mention it, i forgot to mention that on site
1 a nat interface is enabled, site 2 is just a dmz behind a router.

everything appears to be connected, but connectivity between the two
networks isn't possible.

in the routing table for site 1 the route for 192.168.1.0 goes to the
gateway address of 192.168.2.99 which is the ip assigned to the network 2
router on my subnet. is this the way it should be connecting? or should it
192.168.1.0 forward to something like 192.168.1.110 as its gateway on the
other subnet?

i am a little new at this!

"Bill Grant" <not.available@online> wrote in message
news:#(E-Mail Removed)...
> How exactly did you set up these static routes? Are they linked to the
> demand-dial interfaces?
>
> The standard approach is to link a subnet route for the "other" subnet
> to the demand-dial interface. When a connection is made, these routes are
> added to the routing table.
>
> So here is a check list.
> 1. Does each RRAS router have a subnet route to the "other" subnet linked
to
> its demand-dial interface?
> 2. When the VPN connects, are both dd interfaces bound to the connection
(ie
> do they change to "connected" status)?
> 3. If both interfaces are connected, are the static routes added to the
> routing table?
> 4. Is the RRAS router the default gateway of the LAN?
>
> When the connection is up, the VPN link should work just like a simple
> IP router.
>
> "daane" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed) om...
> > i have two server 2003 machines setup for site to site vpn
> > connections.
> >
> > the first site has a subnet of 192.168.2.0
> > the second site has a subnet of 192.168.1.0
> > masks are 255.255.255.0 on all
> > the connections works fine and the static routes are configured as
> > follows
> >
> > first site 192.168.2.0
> > second site 192.168.1.0
> >
> > i am unable to ping from a client behind the first router and get a
> > response from a client on behind the opposing router. however i can
> > ping the other router with its respective ip address on the other
> > subnet, 192.168.1.110 from the client of 192.168.2.5. the reverse is
> > also true from the other side.
> >
> > so i have clients on both networks that cannot see each other, but can
> > only see the router of the other subnet that it is connected to, and
> > nothing else.?
> >
> > any suggestions?
>
>