Hi,

There is a main site and two remote offices both connect via VPN back to the
main site.

Main site has BT 5 static IP addresses assigned - initial ADSL connection is
via D-Link 604+ and then traffic is passed to two Netgear prosafe routers
which have a static external IP address assigned to each on their WAN port.
Each router (FVG318) looks after a separate subnet but only one subnet
connects to both remote sites.

Both remote sites link back to one of the main site subnets using VPN.

One remote has a single static IP address from Demon - a Netgear DG834 makes
the ADSL connection and traffic is then DMZ'd to an FVS318. Both routers
run NAT which means outgoing traffic is double NAT'd.


The second remote site has 5 static IP addresses from Demon. Initial
connection is by DG834 - this has one of the static IP's set as WAN port
and the remaining IP's as an internal LAN. (This is actually slightly
different from BT - BT have the WAN port of the ADSL router assigned by
DHCP). Then there is a Netgear FVG318 which has been assigned one of the
static IP's and acts as the VPN router.


Now traffic from the first remote site back to the main site runs fine and
has done for a while.

Traffic from the second site however suffers from the black hole problem
illustrated at

http://suport.microsoft.com/?id=314825

It has been fixed by applying method 3 to the couple of PC's on the remote
site.

But I was wondering why the second site suffers from this problem and the
first site does not.

I have ordered a Zyxel Prestige 660H-D1 as recommended by a previous reply -
I will have to replace the 604+ as it has been borrowed and hopefully the
Zyxel will be a better choice than a Netgear DG34. As the main link is
working fine I'd rather not cause any problems!

Thanks for any thoughts,

Kevin