Hello, I am working on a test environnement containing the following topology: Server1-----Router1---------------Router2-----Server2 All the four machines are Windows Server 2003 where the RRAS is installed in both Router1 and Router2 After setting up the vpn site-to-site between the two routers: -Router1 can ping Server1 (on the same lan), and Server2 (tracerouting the ping shows that it takes the tunnel as a path) -Router2 can ping Server2 (tunnel) and of course Server1, But even if the Gateway of the two servers, is set as the Routers IP addresses, pinging from Server1 to Server2 does not work... I thought about the ACLs, I added them in the IP Filtering of the VPN interface, but it still doesn't work... Am i missing something?? Thanks in advance,Lotfi BOUCHERIT

Hi Lotfi, Thanks for posting here. > But even if the Gateway of the two servers, is set as the Routers IP addresses, pinging from Server1 to Server2 does not work... Have we tried to track the traffic by command tracert form both server 1 and server 2 and what was the result ? it will help us to verify the endpoint address where interrupted the traffics . So please performing command tracert <address of server 1> form server 2 and tracert <address of server 2> form server 1 and post the results here . Please also sharing the routing tables form both routers here if that is possible . Thanks. Tiger Li Tiger Li TechNet Community Support

hello Sir, Of course, but first i think that i should share my addressing scheme: Network1 (Server1, Router1)-----WAN(Router1,Router2)-----Network2(Server2,Router2) >Network1 (10.98.16.0/24 : Server1: ..1, Router1: ..254) >Wan (172.16.1.0/30 : Router1 : ..2, Router1: ..1) >Network2 (10.98.17.0/24 : Server2: ..1, Router2: ..254) Route Print in Router1: http://www.casimages.com/img.php?i=120712103557563712.jpg Route Print in Router2: http://www.casimages.com/img.php?i=120712103738611761.jpg for the tracert from Server1 (10.98.16.1) to Server2: http://www.casimages.com/img.php?i=120712104551696148.jpg for the tracert from Server1 (10.98.17.1) to Server1: http://www.casimages.com/img.php?i=120712104532862843.jpg Thanks in advance, Regards. Lotfi BOUCHERIT

Hi Lotfi, Thanks for update. If I understand you properly , the routing entries on both routers should be : On Router 1 which is connecting with subnet 10.98.16.0/24 should has an entry : 10.98.17.0 255.255.255.0 172.16.1.1 On Router 2 which is connecting with subnet 10.98.17.0/24 should has an entry : 10.98.16.0 255.255.255.0 172.16.1.2 As you can see we might misconfigured the entries on both routers and will suggest to correct it and see how is going . Current configurations: Router1 : Router2: Meanwhile, both server 1 and server 2 should use the private address of the routers as their default gateway address . Thanks. Tiger LiTiger Li TechNet Community Support

Hi Lotfi, Thanks for update. If I understand you properly , the routing entries on both routers should be : On Router 1 which is connecting with subnet 10.98.16.0/24 should has an entry : 10.98.17.0 255.255.255.0 172.16.1.1 On Router 2 which is connecting with subnet 10.98.17.0/24 should has an entry : 10.98.16.0 255.255.255.0 172.16.1.2 As you can see we might misconfigured the entries on both routers and will suggest to correct it and see how is going . Current configurations: Router1 : Router2: Meanwhile, both server 1 and server 2 should use the private address of the routers as their default gateway address . Thanks. Tiger Li Tiger Li TechNet Community Support Thanks Sir, In fact, i found that I misconfigured the subnet mask of Server2, it was /22 instead of /24, Everything goes fine, i thank you a lot for your help.Lotfi BOUCHERIT