[vpn-help] Connecting to Zywall - Tunnel established, routing broken?
Ralf Steppacher
ralf at steppacher.name
Thu Aug 5 01:26:12 CDT 2010
Matthew,
thanks for the fast response. Unfortunately making the change you
suggest does not make a difference. Depending on what I set under the
policy tab I get two different results when trying to ping a host on the
remote network:
ralf at ralf-ubuntu:/etc$ ping 192.168.50.10
PING 192.168.50.10 (192.168.50.10) 56(84) bytes of data.
^C
--- 192.168.50.10 ping statistics ---
8 packets transmitted, 0 received, 100% packet loss, time 7006ms
Or
ralf at ralf-ubuntu:/etc$ ping 192.168.50.10
PING 192.168.50.10 (192.168.50.10) 56(84) bytes of data.
>From 192.168.50.81 icmp_seq=1 Destination Host Unreachable
>From 192.168.50.81 icmp_seq=2 Destination Host Unreachable
>From 192.168.50.81 icmp_seq=3 Destination Host Unreachable
>From 192.168.50.81 icmp_seq=4 Destination Host Unreachable
>From 192.168.50.81 icmp_seq=5 Destination Host Unreachable
>From 192.168.50.81 icmp_seq=6 Destination Host Unreachable
^C
--- 192.168.50.10 ping statistics ---
7 packets transmitted, 0 received, +6 errors, 100% packet loss, time
6018ms
, pipe 4
192.168.50.81 is the IP assigned to the tap0 interface.
Thanks for your help!
Ralf
On Wed, 2010-08-04 at 22:57 -0500, Matthew Grooms wrote:
> On 8/4/2010 9:13 AM, Ralf Steppacher wrote:
> > Hello all,
> >
> > I am trying to connect to our corporate network via a Zywall and the Shrew VPN Client 2.1.5 from my Ubuntu 10.04 PC. I followed the Zywall wiki howto as best as I could, having no access to the Zywall configuration.
> >
> > I managed to establish a tunnel from my PC to the Zywall, but none of the IP addresses on the remote network are reachable/pingable. My local gateway is still pingable though. I guess it is a routing issue?
> >
> > My kernel routes with the tunnel open look like this. 192.168.1.0 being my local network, 192.168.50.0 being the corporate network.
> >
> > ralf at ralf-ubuntu:~$ route
> > Kernel IP routing table
> > Destination Gateway Genmask Flags Metric Ref Use Iface
> > default 192.168.50.81 255.255.255.0 UG 0 0 0 tap0
> > 192.168.50.0 * 255.255.255.0 U 0 0 0 tap0
> > 192.168.1.0 * 255.255.255.0 U 2 0 0 wlan0
> > link-local * 255.255.0.0 U 1000 0 0 wlan0
> > default 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0
> >
> > Does that look right to you?
> >
> > If it is OK, what else could be wrong?
> > In particular, I am unsure about what to set on the "Policy" tab of the client.
> >
>
> Did you read this?
>
> http://lists.shrew.net/mailman/htdig/vpn-help/2008-November/001827.html
>
> -Matthew
> _______________________________________________
> vpn-help mailing list
> vpn-help at lists.shrew.net
> http://lists.shrew.net/mailman/listinfo/vpn-help
More information about the vpn-help
mailing list