Hello All,
I'm confused and in need of some guidance.
My current setup:
- Two sites, A and B that are connected over an always on Site-to-Site VPN connection using Juniper Firewalls.
- Site B main gateway is 192.168.5.1, it allows access to Internet and Site A at the same time.
- Site A has two gateways: the main one that users are using is 192.168.1.3, which allows access to the Internet only. The second gateway, 192.168.1.1, is only used to connect to Site B.
- Users in Site A can connect to Site B by running a domain GPO that adds the following to their local route table: route add 192.168.5.0 mask 255.255.255.255 192.168.1.1 metric 1
- The main VPN server in the network is the TMG 2010 server.
- Below is a diagram that helps better understand the setup.
Problem:
- I have roaming users with laptops on the Internet; they can successfully connect to the TMG 2010 main VPN gateway using SSTP and access all resources in Site A, but they can't access anything on Site B.
- Site B is not planned to have a dedicated VPN server.
- Users who connect to Site A are forced to remote desktop to a client machine hosted in Site A and then use that desktop machine to connect to resources in Site B.
Where I need guidance:
How do I enable the connected VPN clients on Site A to connect to resources in Site B?
- I assume I have to play with the routing table of the TMG server; if so, what do I add?
- Do I need to create networks and allow rules on the TMG server to access Site B?
- Do I need to do anything on the Site B firewall?
Thanks in advance for your help :)
Noorish
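An added example, not part of the post above, that walks through how a Windows host picks a next hop by longest-prefix match for the routes the post describes. The route tables are constructed from the setup in the post; the 255.255.255.0 variant is an assumption for comparison and is not something the post states.

```python
import ipaddress

# Constructed from the post: Site A client with its Internet-only default gateway
# and the GPO-added route exactly as written (network, mask, gateway, metric).
SITE_A_CLIENT_ROUTES = [
    ("0.0.0.0", "0.0.0.0", "192.168.1.3", 10),             # default: Internet only
    ("192.168.5.0", "255.255.255.255", "192.168.1.1", 1),  # GPO route as posted (/32)
]


def select_route(dest, routes):
    """Return the gateway Windows would use for dest: longest prefix wins,
    lower metric breaks ties, None if no route matches."""
    dst = ipaddress.ip_address(dest)
    best = None
    for network, mask, gateway, metric in routes:
        net = ipaddress.ip_network(f"{network}/{mask}", strict=False)
        if dst in net:
            key = (net.prefixlen, -metric)
            if best is None or key > best[0]:
                best = (key, gateway)
    return best[1] if best else None


def with_site_b_mask(mask, routes=SITE_A_CLIENT_ROUTES):
    """Same table with the Site B route rebuilt under a different mask (assumed variant)."""
    return [("192.168.5.0", mask, "192.168.1.1", 1) if r[0] == "192.168.5.0" else r
            for r in routes]


def site_b_hosts_via_vpn_gateway(routes, sample=("192.168.5.0", "192.168.5.1", "192.168.5.200")):
    """Which of the sample Site B addresses would actually leave via 192.168.1.1."""
    return [h for h in sample if select_route(h, routes) == "192.168.1.1"]


if __name__ == "__main__":
    # With a /32 mask only the network address itself matches; real Site B hosts
    # fall through to the Internet-only default gateway.
    print(site_b_hosts_via_vpn_gateway(SITE_A_CLIENT_ROUTES))
    print(site_b_hosts_via_vpn_gateway(with_site_b_mask("255.255.255.0")))
```

Running it prints `['192.168.5.0']` for the posted /32 route and all three sample hosts for the assumed /24 mask, which is the check to run on a client (or on the TMG server's own table with `route print`) before adding rules.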