[Vpn-help] Strange routing problem

Noach Sumner nss at compu-skill.com
Sat Apr 11 16:25:13 CDT 2009 

As it seems they probably found my post I figure it is worth a new post.
Matthew any hope of a solution for this dratted multiple IP issue?

On Wed, Apr 8, 2009 at 10:08 AM, Klaus Strebel <klaus.strebel at gmx.net>wrote:

> Matthew Grooms schrieb:
> > Klaus Strebel wrote:
> >> Hi all,
> >>
> >> i got a weird problem with a new box connecting to our PIX-VPN. The
> >> config used works great for several other boxes ( all Dell-Laptops )
> >> with XP 64 and Vista 64, but on this box its just establishing the SA,
> >> the tunnel is comming up, but the routes through it are not set. In the
> >> iked.log i found ( only one ?!? ) '!! : failed to create IPSEC policy
> >> route for 172.26.1.0/24', there should also be get one created for
> >> 172.25.0.0/16 ... is that tried at all if the first failed ???
> >>
> >
> > Hi Klaus,
> >
> > Thanks for the bug report. I'm not sure why a route would be created for
> > one network but not the other. Did you have a look at the route table
> > before and after the connection was established? Feel free to forward me
> > this information in a private email if you like.
>
> Hi Matthew,
>
> i poked a bit more in the vpn-help-archives and found reports about
> problems with multiple addresses on the virtual-interface ( that i had
> not on the boxes that work, but found on the box that doesn't ) and one
> user who reported that he had to remove all remainders of an old install
> and reboot ( reboot, reboot  ;-) ) and finally got an 2.2.0-alpha to work.
> So i downloaded the latest 2.1.5-alpha and uninstalled ( hey forgot to
> mention: had the 2.1.3-stable installed ) the old version, installed the
> 2.1.5-beta4 and ... no change. Then in uninstalled, rebooted, cleaned
> the registry ( well, just delete all HKEY_xxx->Software->ShrewSoft keys
> ), rebooted, installed the 2.1.5-beta4, rebooted, imported my config,
> set debug-level to 'decode' and tataaaa, it worked!
>
> Well, Windows-TCP/IP is somewhat a mircacle to me ( had to reinstall XP
> on two boxes because of problems with it ... and upgrade/uninstall of a
> 'professional' VPN-client using the 'Deterministic Network Enhancer' -
> one with Cisco and one with CheckPoint ), the reboots seem to be
> necessary ... sometimes.
>
> As so see, i've got some experiance with VPN products, both from the
> client and the gateway side and i have to say, your solution is at eye
> level with the client-stuff of these vendors!
>
> Welldone, i'm happy that i found your solution :-).
>
> Cheers
> Klaus
> --
> Mit freundlichen Grüssen / best regards
>
> Klaus Strebel, Dipl.-Inform. (FH), mailto:klaus.strebel at gmx.net
>
> /"\
> \ /     ASCII RIBBON CAMPAIGN
>  X        AGAINST HTML MAIL
> / \
> _______________________________________________
> vpn-help mailing list
> vpn-help at lists.shrew.net
> http://lists.shrew.net/mailman/listinfo/vpn-help
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20090412/119e3089/attachment-0002.html>

More information about the vpn-help mailing list