How JustAnswer Works:

  • Ask an Expert
    Experts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional Answer
    Via email, text message, or notification as you wait on our site.
    Ask follow up questions if you need to.
  • 100% Satisfaction Guarantee
    Rate the answer you receive.

Ask Russell H. Your Own Question

Russell H.
Russell H., Internet and LAN
Category: Networking
Satisfied Customers: 9932
Experience:  11 years work with Internet/IP, routers, networks, servers
13568747
Type Your Networking Question Here...
Russell H. is online now
A new question is answered every 9 seconds

I would like to ask a networking question. Preferably a CCNA

Customer Question

I would like to ask a networking question. Preferably a CCNA or higher or someone who is very experienced with VPN tunnels via IPSEC, PPTP, LPTP etc.
Submitted: 9 months ago.
Category: Networking
Expert:  Russell H. replied 9 months ago.
Hi, thank you for contacting JustAnswer.com. My name is Russell. I will do my best to provide the right answer to your question; I am not a CCNA, but I have a fair amount of experience with networking matters, and I know how touchy VPN configuration can be. If I cannot take on your question, I will Opt Out and cede it in favor of someone meeting your requirements. What is the problem with the VPN? that's my guess, as to what your question is about.Most often, firewalls are the problem. They definitely have to clear the way for VPN communication, in by far the most cases.Almost as often, configuration is the problem. Every parameter must be right, before a VPN connection will operate properly, or at all.And least often, equipment failures can enter into the picture. Those are easily eliminated from consideration by a suitable network test or two.Software used in VPN setup, on the other hand, can be problematical. This is the least rigorous aspect of any VPN problem... the software that is used. Let me know the question, please. Thanks.
Customer: replied 9 months ago.
Have you ever setup ipsec or lt2p?
Expert:  Russell H. replied 9 months ago.
To a minor extent, yes.
Customer: replied 9 months ago.
Russell it's nothing to do with the firewall. Lt2p works but it's slower than IPSec. IPSec communicates router to router but not on the inside. We beleive its a subnet issue . Any other ideas
Expert:  Russell H. replied 9 months ago.
If LT2P is working server-to-server-machine, then if LT2P processes or services or daemons are put at a lower priority (compared to IPSec) by the configuration of the server, response times will be slower than IPSec response times. I'm thinking of a WAN VPN, of course, one spanning greater distances rather than less. IPSec communicates router to router but not on the inside.Are you trying to use IPSec for intranet-type distances, within a semi-local network?
Customer: replied 9 months ago.
Now you talking to me Russ! Yes lt2p is definitely slower but we managed to establish a link and can communicate with machines on the inside even. But slower than ipsec. We are talking about two stores in completely different locations. Far apart.
Expert:  Russell H. replied 9 months ago.
If they are WAN-scale in their separation, then why is it a subnet issue? are the stores on different subnets ? (If IT2P works, there's no problem with firewalls of course.) If IT2P over IPSec is being used, then of course it's slower than plain IPSec... more layers of translation/encryption/grinding to get through that way.
Customer: replied 9 months ago.
Good night,I was able to resolve the IPsec connection. I changed the SA time to live and added a static route to include 172.160.1.0/23. The issue I am having now is that, I am able to ping at via cmd prompt, however when I try and access the computer via explorer it does not resolve. I am not using the DNS, I am using the IP address of the host machine. Any suggestions?
Expert:  Russell H. replied 9 months ago.
If I.E. browser does not resolve it, then what is its error message ?Is I.E. working otherwise? (of course, I presume it is, but I have to ask.)Accessing a computer via I.E. browser is not usual. Esp. if it's not a web server computer.Something like tracert is probably better to use.

Related Networking Questions