
The output of the command should be either 0 (started) or 10 (already running). Additionally, the tunnel needs to be able to transport these destination addresses. For testing purposes, you can disable Windows Firewall on the remote computer with this command: Invoke-Command -ComputerName Win7 -ScriptBlock

In your diagram, the L3 switch and the right-hand router need to know the route to "Remote Device". Set up static routes or use a routing protocol like OSPF. Routing needs to be consistent, so that all routers on each tunnel side know where to route all subnets. If that isn't the case you either need to use other means of user identification or multiple tunnels for the various trust zones. you can be sure that the source IP has not been spoofed. Of course, that implies that you trust the far tunnel endpoint, i.e. The destination address is the L3 subnet, located in a VLAN. For security, you filter by combination of source address and destination subnet (or address) between the tunnel and the inter-VLAN router. VPN is (usually) L3, so you route into the VLANs from the VPN tunnel endpoint (and vice versa, for simplicity I'm referring to the in direction only). VLANs are only useful within a shared L2 infrastructure.

I also enabled the "Route and Remote Access" service on Windows 10, but still no success. Does anybody have some tips or ideas what I could have missed? I am no network expert so I would greatly appreciate your help. I checked the routing table on Device A, but it seemed OK to me. I can ping Device B and Device C if I directly log in to Device B, but not on the Remote Device, however I can establish a TCP connection to tools running on Device A, so the VPN works.


As per my understanding of VPNs, I should now be able to access those devices. Now the problem is on the remote device I can't ping any of the other devices (Device B, Device C).

A remote device is connected via VPN tunnel to the access device. It uses Windows 10 as the operating system.

This device has multiple tagged (virtual) interfaces allowing it to communicate to all devices on all different VLANs. A special access device is also connected to the switch over a trunk port. There is also a router connected to the switch which provides internet access (not part of a VLAN). Multiple devices are connected to it on different VLANs via untagged access ports. I have set up a Layer 3 Switch with multiple VLANs.
