Thread: IPSec LAN routing when not gateway

  1. #1


    Our ISP provides us with 5 static IPs. I am using 2 right now with the following devices:

    1) Epygi IP/PBX 16x
    2) Windows 2003 Small Business Server running DHCP, DNS, WINS Routing & Remote Access.

    My LAN data clients connect to the internet through #2, i.e. no data traffic goes through the Epygi. We are doing this because, although not perfect, running everything on Windows 2003 eases maintenance, and we are a consulting company that needs to make frequent network changes due to projects. I would rather have one device control everything, assuming that device is not overtaxed.

    Unfortunately, I now need to set up an IPSec static VPN with 4 offices and I can't get my Windows 2003 Routing & Remote Access box to properly find the IPSec policy I have created.

    As an alternative, I would like to use my Epygi's IPSec capability and point the 3 offices to its WAN IP address. I can successfully establish the IPSec connection between the offices and the Epygi, and someone on the remote network can ping my Epygi LAN IP address. The trouble is they can't ping anything else on the network by host name or IP address. What I would like is for the Epygi to forward any requests for LAN devices other than itself to my Windows 2003 gateway. Is this even possible?

    Last edited by tritek; 04-11-2011 at 07:02 PM.

  2. #2


    You would need to put a routing rule on your default gateway (Windows box) for traffic destined to the remote network to go via the Epygi.

    What is probably happening:
    - The local PCs receive the PING
    - They send a REPLY, but they send it to their default gateway (Windows box)
    - The Windows box may try to forward the packet to the internet, or simply drop the packet.

  3. #3


    This worked. I added static routes in Routing and Remote Access of my Windows 2003 primary router so that any requests/responses for clients on the remote subnets are routed through my Epygi. I created this route on the LAN adapter. I can now ping from the Epygi network to the proper remote IPSec network connected through the Epygi.

    One other question, which I don't think is related to IPSec. My Epygi cannot ping by host name via Network Tools. Is this expected? Although it is not my primary LAN DHCP or DNS server, I would expect it to be able to find hosts that are on the same LAN subnet. Does this mean that nodes on the remote IPSec networks won't be able to find nodes through the Epygi IPSec connection by host name? Do I need to register my primary DNS and/or DHCP server with the Epygi somehow?

    Last edited by tritek; 04-11-2011 at 07:02 PM.
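
The return-path problem described in post #2 and the static-route fix confirmed in post #3, modelled as an added example that is not part of the original thread. All subnets and addresses are constructed (the thread gives none), and the Epygi's routing table is an assumed model.

```python
import ipaddress

# Constructed addressing; the thread gives no subnets or IPs.
LAN = ipaddress.ip_network("192.168.1.0/24")
REMOTE_OFFICES = [ipaddress.ip_network(n) for n in ("192.168.50.0/24", "192.168.51.0/24")]
DEFAULT = ipaddress.ip_network("0.0.0.0/0")
WINDOWS_GW, EPYGI, ISP = "192.168.1.1", "192.168.1.2", "203.0.113.1"

def lookup(table, dst):
    """Longest-prefix match; returns (next_hop, interface)."""
    addr = ipaddress.ip_address(dst)
    net, hop, iface = max((r for r in table if addr in r[0]),
                          key=lambda r: r[0].prefixlen)
    return hop, iface

def tables(static_routes_on_gateway):
    """Routing tables of the three kinds of LAN node (hypothetical model)."""
    gateway = [(DEFAULT, ISP, "WAN"), (LAN, "on-link", "LAN")]
    if static_routes_on_gateway:
        # The fix from posts #2 and #3: remote subnets via the Epygi, on the LAN adapter.
        gateway += [(net, EPYGI, "LAN") for net in REMOTE_OFFICES]
    return {
        "client": [(DEFAULT, WINDOWS_GW, "LAN"), (LAN, "on-link", "LAN")],
        WINDOWS_GW: gateway,
        # Assumed: the Epygi sends traffic for remote subnets into its tunnel.
        EPYGI: [(DEFAULT, ISP, "WAN"), (LAN, "on-link", "LAN")]
               + [(net, "tunnel", "IPSEC") for net in REMOTE_OFFICES],
    }

def reply_path(source, remote_host, static_routes_on_gateway):
    """Hops an echo reply takes from a LAN node back to a remote-office host."""
    t = tables(static_routes_on_gateway)
    node, path = source, [source]
    for _ in range(4):                  # bounded walk; the model has no loops
        hop, iface = lookup(t[node], remote_host)
        path.append(f"{hop} ({iface})")
        if hop not in t:                # left the LAN: tunnel or ISP
            return path
        node = hop
    return path

def reaches_tunnel(source, remote_host, static_routes_on_gateway):
    """True when the reply ends up in the IPsec tunnel rather than at the ISP."""
    return reply_path(source, remote_host, static_routes_on_gateway)[-1] == "tunnel (IPSEC)"
```

In this model a reply from the Epygi itself reaches the tunnel with or without the static routes, which matches the first post's observation that only the Epygi's LAN address answered pings.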
