D-Link VPN Router > DSR-150 / DSR-150N
Site to Site with DSR-150Ns
controlsengineer:
I am trying to configure a VPN between 2 locations using DSR-150Ns at both locations. Both locations have Cable Internet with static IPs. I have flashed both units to the newest firmware. I used the VPN wizard at the main site. I then exported the IPsec rule and imported it to the remote site DSR using the EASY VPN tool. The tunnel will not establish. By reading the manual, it seem this all I have to do. On the remote DSR, I changed the "local" and "remote" IP addresses and finally got the tunnel to connect. But thats it, Ping will not pass across the link.
I have called support several times, they are not much help. They barely speak english.
So I have a question: In the setup, is the remote IP always the IP addresses of the remote site, even If I am configuring the remote router? Or when configuring the remote router, the "remote" IPs refers to the main site IPs. This is confusing to ask. I guess another way to ask is "local" IP ALWAYS on the router I am configuring and "remote" ALWAYS on the opposite end?
After the tunnel is established, is there anything else I need to setup? VLANS? Ports? etc... Do I need to set up server in the main site and and and a client at the remote site? Or is a IPSec Policy the only thing I need to establish comms between the sites?
There are 2 computers and 2 printers at each location. We just want to be able to print at opposite ends and share files/folders. The printers are network printers and the PC are mix of Win7 and Win8.
Any help would be appreciated.
thank you
CE
PacketTracer:
Hi,
do you use different LAN address ranges in your two locations? Routing through the VPN to the other location wouldn't work if both ranges were the same, for example 192.168.0.0/24.
If you use Win7 and Win8 it might be the Windows firewall settings that prevent you from successfully communicating to the other location: Depending on the active security profile (domain, private or public) the default for file and printer sharing or echo (ping) is to only accept packets originated from the "local subnet". Hence you would have to change the 'remote address' setting of any relevant incoming rule to accept packets from both the local and remote address ranges.
For a quick test you could also disable the Windows firewall to check if file and printer service is reachable then or the remote destination can be pinged.
PT
controlsengineer:
The local IP is 192.168.1.0 and the remote is 192.168.0.0
I disabled the firewall. Didn't help. Disabled antivirus also. Didn't help.
PacketTracer:
Hi again,
you said you have cable Internet. Do your cable modems [1] just provide modem functionality (hence your static public IP addresses are assigned to the WAN interfaces of your DSR-150Ns), or [2] are they also routers in which case they use your static public IP addresses at their cable interface and only provide private IP addresses to the WAN interfaces of your DSR-150Ns?
In case [2] you would have to configure port forwardings in your modems for ports 500/udp and 4500/udp to be forwarded to the corresponding DSR-150N WAN interface's private address. In addition (if not active by default) you have to configure IPsec to be able to use NAT traversal.
PT
controlsengineer:
The modems are gateway only. At each location. Static IP assigned by ISP.
Navigation
[0] Message Index
[#] Next page
Go to full version