-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 9/3/07 3:28 PM, Paolo Supino wrote:
> Hi David
> 
>  It's true that all IP addresses are in the 10.x.x.x private address
> space that isn't supposed to be routed on the Internet, but in all the
> connections over the Internet the only visible addresses are the
> public ones (otherwise the VPNs wouldn't be working): Main and branch
> office public IP addresses and what ever the road warriors receive when
> connecting their laptops, either at home or at a client's site.
> The branch's firewall NATs the branch office 10.x.x.x address space
> on its external interface, but I don't see how that would cause routing
> problems between the 2 VPNs.

Per Stuart's suggestion, check your VPN clients' routing tables with
"netstat -f inet -nr | more" and determine whether they have a path to
your main office. Same thing for servers at the main office trying to
reach the VPN clients.

traceroute might be helpful (or might not; lots of places filter ICMP).

dn
iD8DBQFG3IxEyPxGVjntI4IRAj6MAKD5KMLoU74rea9P8HyApe8hS5nHmgCeLbco
+W9hUUKEAvhqCZM9ktKErd4=
=h5aK
-----END PGP SIGNATURE-----

Reply via email to