[Vpn-help] Tunnel to juniper SSG - Shrew thinks it is up but Juniper does not
Matthew Grooms
mgrooms at shrew.net
Sat Jul 4 01:31:51 CDT 2009
Daniel Qian wrote:
> Ok the tunnel is up now. It turned out to be PFS has to be set specifically
> intead of auto. but another issue arises - no traffic is returning from the
> remote device. I tried pinging a host on the remote inside network but no
> reply. Any idea what could be the reason?
>
Daniel,
Can you do a packet dump from a node inside the network to determine if
they are reaching the distant host? If you do see the ping packets and
responses, the next thing to check would be if ESP or UDP port 4500
packets are being returned from the gateway to the client ( the
encrypted responses ).
-Matthew
More information about the vpn-help
mailing list