1

I'm trying to set up a VPN between two networks, one home and one office (A and B). Their subnets are (A) 192.168.1.0 and (B) 192.168.0.0

The two networks have identical ADSL routers. Unfortunately they are dial-out only for VPN.

There's a Windows 2008 server on Network B, which I've configured as a VPN server (using the RRAS Wizard): VPNServerB (192.168.0.5). At the moment, Network A's router (RouterA) can establish a PPTP VPN connection to VPNServerB. RouterA is assigned the IP 192.168.0.40 on Network B.

Next I set up a persistent static route from VPNServerB (0.5) telling it to use 0.40 for all requests to Network A's subnet: 192.168.1.0. This enabled VPNServerB to ping all machines on A (and those machines to ping VPNServerB).

Then I set up a persistent static route on a computer on Network B (PC1B) telling it to use 0.5 (the address of VPNServerB) for requests to A's subnet: 192.168.1.0). This enabled PC1B to ping every machine on A and them to ping PC1B.

However, there are printers (eg PR1B) on B which I'd also like to be able to reach from a machine on A. But I can't set up a static route from PR1B to the VPNServerB, so far as I can tell. Is there any way I can access printer PR1B from a machine on Network A?

Thank you.

user76157
  • 11
  • 4

1 Answers1

2

First point to note; what you have here isn't really a site-to-site VPN. A site-to-site VPN is usually handled by two VPN gateways that allow all traffic to be routed. Usually the endpoints of the tunnel are also each network's default gateway, and, as such, don't require a bunch of static routes.

I assume the problem you're having here is that you can't mess with the routing table on the printer; so it has no idea how to return the traffic it's receiving from the remote network.

Technically, if the printer's default gateway knows how to reach the remote machine's subnet, communication should work. There are other variables in play, but it should work. The other option is to setup NAT on the machine connecting to the network with the printer. If you have NAT enabled, all traffic to the printer from the remote subnet will appear as if it's coming from the printer's local subnet and the printer will respond to the NAT gateway which will handle the rest.

Not sure how else you could solve this (other than changing the printer's default gateway to RRAS assigned IP address).

Sean C.
  • 954
  • 5
  • 7
  • Hi, thanks and thanks for the clarification - I'm new to VPNs. The problem is as you say, I think. Is there a way to access the printer's routing table? The routers at each end are the default gateways. Unfortunately the one at the printer's end doesn't know how to reach the remote network, and it doesn't have a static route option, so I can't direct to to the server that does know how to reach the remote machine's network. I did try to enable NAT on the server, but I didn't really know what settings to use - I can't rerun the RRAS wizard! Which machine should I enable it on Thanks again! – user76157 Mar 30 '11 at 19:03
  • Can you change the printer's default gateway? Provided the printer isn't required to access the internet, it will be able to communicate with the local subnet without a correct default gateway. If you set the printer's default gateway to the RRAS assigned IP address it might work for you (I think you said it was 192.168.0.40). As an aside, the default gateway is the route used to contact any IP for which it does not have a static route assigned. – Sean C. Mar 30 '11 at 20:04
  • Thanks Sean. I don't have access to the office until Tuesday, but I've sent instructions for someone to try changing the printer's default gateway. It sounds like that might work (it doesn't need to access the internet). – user76157 Mar 30 '11 at 22:24
  • Sorry for taking so long to get back to you. Changing the gateway worked like a charm. Thanks again! – user76157 Apr 08 '11 at 18:25