[vpn-help] Can't ping some IP addresses behind VPN
Michal Wegrzyn
Michal at comfortel.pl
Mon Sep 6 02:07:17 CDT 2010
Hi Mike,
Disable Firewall on devices and check pings.
Default in Windows only respond on the same subnet while in VPN ModeConfig You have different subnet so Windowses drops Your packets.
Regards,
Michal
----- Original Message -----
From: mikelupo at aol.com
To: vpn-help at lists.shrew.net
Sent: Saturday, September 04, 2010 3:58 AM
Subject: [vpn-help] Can't ping some IP addresses behind VPN
Hi Matthew et. al,
I have a Netgear FVS318G vpn router. I can connect to it using Shrew 2.1.6 (latest released version).
Iked.log is attached.
Once I make my connection, I can ping the VPN's local internal address on the remote network (192.168.1.1). I even confirm that https://192.168.1.1:8080 will render the VPN admin console. So this confirms that I'm really reaching the VPN on the remote LAN.
I however, cannot ping devices that I know are running in the LAN beyond the gateway. It seems my packets are being dropped. I can confirm these target addresses are pingable using the Netgear VPN admin console diagnostics. (i.e. 192.168.1.7)
In the VPN Trace utility, I see only two SA's (Mature ESP types). Both show positive traffic flow.
Topology:
VPN Local network side: 192.168.1.0/24
Mode Config address pool: 192.168.2.50 - 100
Local Lan: 10.0.0.0/24
I figure Matt, you'd want to know this for the Policy Tab.
Policy Generation Level = Auto
s:policy-list-include:192.168.1.0 / 255.255.255.0
Does my iked log give any hints?
Thanks in advance,
Mike
------------------------------------------------------------------------------
_______________________________________________
vpn-help mailing list
vpn-help at lists.shrew.net
http://lists.shrew.net/mailman/listinfo/vpn-help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100906/2faa5112/attachment-0002.html>
More information about the vpn-help
mailing list