• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Site-to-Site Routing.....

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> VPN >> Site-to-Site Routing..... Page: [1]
Login
Message << Older Topic   Newer Topic >>
Site-to-Site Routing..... - 20.Apr.2007 11:43:45 AM   
zwap

 

Posts: 8
Joined: 28.Mar.2007
Status: offline
Hello,

I have I question... sorry for my bad English!

Our situation:
We have 3 network sites:
On every Site is a Router who is connected to a Network Ring
I have created a Backup network ring between the ISA servers. I have read the tutorial on this site and the connection work fine except that I get ping time outs on the regular basis!




Site 1: 172.20.0.0/16
DHCP Scope: 172.20.20.*
Router 172.20.1.1
Site1_IsaServer 172.20.10.31
pinging from Site1_IsaServer to the Site2 and Site3 ISA servers are successful!


The Routing table: (Site1_IsaServer)

Active Routes:
Network Destination  Netmask                     Gateway               Interface              Metric
0.0.0.0                           0.0.0.0                          192.168.20.1       192.168.20.31         20
80.*.*.*                        255.255.255.255          192.168.20.1       192.168.20.31         20
83.*.*.*                        255.255.255.255          192.168.20.1       192.168.20.31         20
127.0.0.0                       255.0.0.0                      127.0.0.1              127.0.0.1                1
172.20.0.0                     255.255.0.0                  172.20.10.31       172.20.10.31           20
172.20.10.31                 255.255.255.255          127.0.0.1              127.0.0.1                20
172.20.20.24                 255.255.255.255          172.22.20.10       172.22.20.10           1
172.20.20.95                 255.255.255.255          172.21.20.126    172.21.20.126          1
172.20.20.96                 255.255.255.255          127.0.0.1              127.0.0.1                50
172.20.255.255             255.255.255.255          172.20.10.31       172.20.10.31           20
172.21.0.0                     255.255.0.0                  172.20.20.95       172.21.20.126         1
172.21.20.126               255.255.255.255          127.0.0.1              127.0.0.1                50
172.21.255.255             255.255.255.255          172.21.20.126    172.21.20.126          50
172.22.0.0                     255.255.0.0                  172.20.20.24       172.22.20.10           1
172.22.20.10                 255.255.255.255          127.0.0.1              127.0.0.1                50
172.22.255.255             255.255.255.255          172.22.20.10       172.22.20.10           50
192.168.20.0                 255.255.255.0              192.168.20.31    192.168.20.31          20
192.168.20.31               255.255.255.255          127.0.0.1              127.0.0.1                20
192.168.20.255             255.255.255.255          192.168.20.31    192.168.20.31          20
224.0.0.0                       240.0.0.0                      172.20.10.31       172.20.10.31           20
224.0.0.0                       240.0.0.0                      172.21.20.126    172.21.20.126          50
224.0.0.0                       240.0.0.0                      172.22.20.10       172.22.20.10           50
224.0.0.0                       240.0.0.0                      192.168.20.31    192.168.20.31          20
255.255.255.255           255.255.255.255          172.20.10.31       172.20.10.31           1
255.255.255.255           255.255.255.255          172.21.20.126    172.21.20.126          1
255.255.255.255           255.255.255.255          172.22.20.10       172.22.20.10           1
255.255.255.255           255.255.255.255          192.168.20.31    192.168.20.31          1
Default Gateway:      192.168.20.1 (ADSL Router)
===========================================================================
Persistent Routes:
None 



Site 2: 172.21.0.0/16
DHCP Scope: 172.21.20.*
Router 172.21.1.1
Site2_IsaServer 172.20.10.31
When I ping  from Site2_IsaServer to the Site1_IsaServer I get first 3 Time Outs and then ping Replies.
pinging from Site2_IsaServer3 are successful!!
The Routing table: (Site2_IsaServer)
Active Routes:
Network Destination   Netmask                      Gateway               Interface               Metric
0.0.0.0                            0.0.0.0                          192.168.21.1         192.168.21.31        20
80.*.*.*                         255.255.255.255          192.168.21.1         192.168.21.31        20
80.*.*.*                         255.255.255.255          192.168.21.1         192.168.21.31        20
127.0.0.0                        255.0.0.0                      127.0.0.1               127.0.0.1                1
172.20.0.0                      255.255.0.0                  172.21.20.126       172.20.20.95          1
172.20.20.95                  255.255.255.255          127.0.0.1               127.0.0.1                50
172.20.255.255              255.255.255.255          172.20.20.95         172.20.20.95          50
172.21.0.0                      255.255.0.0                  172.21.10.31         172.21.10.31          10
172.21.10.31                  255.255.255.255          127.0.0.1               127.0.0.1                10
172.21.20.126                255.255.255.255          172.20.20.95         172.20.20.95          1
172.21.20.127                255.255.255.255          172.22.20.7           172.22.20.7            1
172.21.20.129                255.255.255.255          127.0.0.1               127.0.0.1                50
172.21.255.255              255.255.255.255          172.21.10.31         172.21.10.31          10
172.22.0.0                      255.255.0.0                  0.0.0.0                   172.22.20.7            1
172.22.0.0                      255.255.0.0                  172.21.20.127       172.22.20.7            1
172.22.20.7                    255.255.255.255          127.0.0.1               127.0.0.1                50
172.22.255.255              255.255.255.255          172.22.20.7           172.22.20.7            50
192.168.21.0                  255.255.255.0              192.168.21.31       192.168.21.31        20
192.168.21.31                255.255.255.255          127.0.0.1               127.0.0.1                20
192.168.21.255              255.255.255.255          192.168.21.31       192.168.21.31        20
224.0.0.0                        240.0.0.0                      172.20.20.95         172.20.20.95          50
224.0.0.0                        240.0.0.0                      172.21.10.31         172.21.10.31          10
224.0.0.0                        240.0.0.0                      172.22.20.7           172.22.20.7            50
224.0.0.0                        240.0.0.0                      192.168.21.31       192.168.21.31        20
255.255.255.255            255.255.255.255          172.20.20.95         172.20.20.95          1
255.255.255.255              255.255.255.255        172.21.10.31         172.21.10.31          1
255.255.255.255              255.255.255.255        172.22.20.7           172.22.20.7            1
255.255.255.255              255.255.255.255        192.168.21.31       192.168.21.31        1
Default Gateway: 192.168.21.1 ADSL ROUTER===================================
Persistent Routes:
None 

EVENTLOG ERROR:
ISA Server detected routes through adapter Site1 that do not correlate with the network element to which this adapter belongs. For best practice, the address range of an ISA Server network should match the address ranges routable through the associated network adapter as defined in the routing table. Otherwise valid packets may be dropped as spoofed. (This alert may occur momentarily when you create a remote site network. You may safely ignore this message if it does not reoccur.)  The address ranges in conflict are: 172.21.20.40-172.21.20.40



Site 3: 172.22.0.0/16
DHCP Scope: 172.22.20.*
Router 172.22.1.1
Site3_IsaServer 172.22.10.31
When I ping  from Site3_IsaServer to the Site1_IsaServer I get first 3 Time Outs and then ping Replies.
pinging from Site3_IsaServer to Site2_IsaServer are successful!!
The Routing table: (Site3_IsaServer)
Active Routes:
Network Destination          Netmas                 Gateway               Interface               Metric
0.0.0.0                                    0.0.0.0                   192.168.22.1       192.168.22.31          20
80.*.*.*                                255.255.255.255    192.168.22.1       192.168.22.31          20
83.*.*.*                                255.255.255.255    192.168.22.1       192.168.22.31          20
127.0.0.0                               255.0.0.0                127.0.0.1              127.0.0.1                 1
172.20.0.0                             255.255.0.0            172.22.20.10       172.20.20.24            1
172.20.20.24                         255.255.255.255    127.0.0.1              127.0.0.1                 50
172.20.255.255                     255.255.255.255    172.20.20.24       172.20.20.24            50
172.21.0.0                             255.255.0.0            172.22.20.7          172.21.20.127         1
172.21.20.127                       255.255.255.255    127.0.0.1              127.0.0.1                 50
172.21.255.255                     255.255.255.255    172.21.20.127    172.21.20.127           50
172.22.0.0                             255.255.0.0            172.22.10.31       172.22.10.31            20
172.22.10.31                         255.255.255.255    127.0.0.1              127.0.0.1                 20
172.22.20.7                           255.255.255.255    172.21.20.127    172.21.20.127           1
172.22.20.10                         255.255.255.255    172.20.20.24       172.20.20.24            1
172.22.20.12                         255.255.255.255    127.0.0.1              127.0.0.1                 50
172.22.255.255                     255.255.255.255    172.22.10.31       172.22.10.31            20
192.168.22.0                         255.255.255.0        192.168.22.31    192.168.22.31           20
192.168.22.31                       255.255.255.255    127.0.0.1              127.0.0.1                 20
192.168.22.255                     255.255.255.255    192.168.22.31    192.168.22.31           20
224.0.0.0                              240.0.0.0                172.20.20.24       172.20.20.24            50
224.0.0.0                              240.0.0.0                172.21.20.127    172.21.20.127           50
224.0.0.0                              240.0.0.0                172.22.10.31       172.22.10.31            20
224.0.0.0                              240.0.0.0                192.168.22.31    192.168.22.31           20
255.255.255.255                   255.255.255.255    172.20.20.24       172.20.20.24            1
255.255.255.255                   255.255.255.255    172.21.20.127    172.21.20.127           1
255.255.255.255                   255.255.255.255    172.22.10.31       172.22.10.31            1
255.255.255.255                   255.255.255.255    192.168.22.31    192.168.22.31           1
Default Gateway:      192.168.22.1 ADSL Router((===========================================================================
Persistent Routes:
None

EVENT LOG ERROR:
ISA Server detected routes through adapter Site1 that do not correlate with the network element to which this adapter belongs. For best practice, the address range of an ISA Server network should match the address ranges routable through the associated network adapter as defined in the routing table. Otherwise valid packets may be dropped as spoofed. (This alert may occur momentarily when you create a remote site network. You may safely ignore this message if it does not reoccur.)  The address ranges in conflict are: 172.22.20.10-172.22.20.10


Conclusion:
Pinging from:
Site1_IsaServer-> Site2IsaServer                   OK
Site1_IsaServer-> Site3IsaServer                   OK

Site2_IsaServer-> Site1IsaServer                   IsaServer I get first 3 Time Outs and then ping Replies
Site2_IsaServer-> Site3IsaServer                   OK

Site3_IsaServer-> Site1IsaServer                   IsaServer I get first 3 Time Outs and then ping Replies
Site3_IsaServer-> Site2IsaServer                   OK

Can you help?

< Message edited by zwap -- 23.Apr.2007 8:33:10 AM >
Post #: 1
RE: Site-to-Site Routing..... - 7.May2007 8:23:25 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Initial timeouts are usually due to the connection dialing up.

Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to zwap)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> VPN >> Site-to-Site Routing..... Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts