Hi,
I have almost created a VPN between two LANs that I'll call LAN_A and LAN_B.
RouterA can call RouterB and successfully establish a VPN between LAN_A
and LAN_B. The Zywall 5 are not directly connected to the internet
through two others routers.
A simple diagram follows.
LAN_A (192.168.0.X/255.255.255.0)
|
(192.168.0.1
Zywall5
192.168.1.2)
|
(192.168.1.1
RouterA
publicAddressA)
----internet----
(publicAddressB
RouterB
192.168.2.1)
|
(192.168.2.2
Zywall5 ---DMZ---10.1.2.1------10.1.2.2-Server1
10.1.1.253)
|
LAN_B 10.1.1.X/255.255.255.0
When I start a tracert command from LAN_A I can get into LAB_B in just 2
steps and have no problem whereas I can't establish any TCP connection
starting from LAN_B neither from DMZ. A couple of traceroutes from DMZ
towards two different machines in LAN_B network follows.
When I start a tracert command from Server1 locate in DMZ the behaviour
seems strange to me:
traceroute to 192.168.0.6 (192.168.0.6), 30 hops max, 40 byte packets
1 10.1.2.1 (10.1.2.1) 1 ms 1 ms 1 ms
2 192.168.2.1 (192.168.2.1) 2 ms 2 ms 2 ms
3 37.253.125.1 (37.253.125.1) 8 ms 8 ms 8 ms
4 10.3.7.194 (10.3.7.194) 9 ms 8 ms 9 ms
5 10.254.1.181 (10.254.1.181) 9 ms 9 ms 8 ms
6 * * *
......
traceroute to 192.168.0.11 (192.168.0.11), 30 hops max, 40 byte packets
1 10.1.2.1 (10.1.2.1) 1 ms 1 ms 1 ms
2 192.168.2.1 (192.168.2.1) 2 ms 2 ms 2 ms
3 37.253.125.1 (37.253.125.1) 8 ms 8 ms 12 ms
4 10.3.7.193 (10.3.7.193) 8 ms 9 ms 8 ms
5 10.254.1.177 (10.254.1.177) 9 ms 9 ms 8 ms
6 * * *
......
That's when I start a tracert command from LAN_B I can'tget into LAB_A
and while at the 3rd step I might thing the packet is travelling right
to the destination at the 4th step I'm almost sure the RouterB is
malfunctioning.
Question: anyone can explain to me why RouterB shows that behaviour?
Thank you
Daniele Cremonini
|
Similar Threads
Linear Mode
