[vpn-help] Can't ping some IP addresses behind VPN
mikelupo at aol.com
mikelupo at aol.com
Fri Sep 3 20:58:40 CDT 2010
Hi Matthew et. al,
I have a Netgear FVS318G vpn router. I can connect to it using Shrew 2.1.6 (latest released version).
Iked.log is attached.
Once I make my connection, I can ping the VPN's local internal address on the remote network (192.168.1.1). I even confirm that https://192.168.1.1:8080 will render the VPN admin console. So this confirms that I'm really reaching the VPN on the remote LAN.
I however, cannot ping devices that I know are running in the LAN beyond the gateway. It seems my packets are being dropped. I can confirm these target addresses are pingable using the Netgear VPN admin console diagnostics. (i.e. 192.168.1.7)
In the VPN Trace utility, I see only two SA's (Mature ESP types). Both show positive traffic flow.
Topology:
VPN Local network side: 192.168.1.0/24
Mode Config address pool: 192.168.2.50 - 100
Local Lan: 10.0.0.0/24
I figure Matt, you'd want to know this for the Policy Tab.
Policy Generation Level = Auto
s:policy-list-include:192.168.1.0 / 255.255.255.0
Does my iked log give any hints?
Thanks in advance,
Mike
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100903/5d165921/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: iked.log
Type: text/richtext
Size: 90249 bytes
Desc: not available
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100903/5d165921/attachment-0001.rtx>
More information about the vpn-help
mailing list