[vpn-help] VPN Connects But Cannot Access or Ping
Matthew Grooms
mgrooms at shrew.net
Mon Aug 23 23:08:47 CDT 2010
On 8/19/2010 12:35 PM, Jason Bruce wrote:
> Hi Matt,
>
> Security associations are showing as mature on both ends. Zero bytes
> transferred. Again, I'm using the same config, same Shrew version as my
> XP machines yet 7 not working, it's bizarre.
>
Hi Jason,
Sorry for the delay. I have been extremely busy the last week. As for
your issue, I am a bit stumped. Since the client is connecting, we can
surmise that the filter driver is working. It is responsible for packet
redirection and injection. Since the client is negotiating an IPsec SA,
we know that the kernel is matching an outbound packet to the security
policy and asking the IKE daemon to acquire the SA. Your configuration
must also be correct or the phase1 or phase2 SA negotiation would have
failed. What I don't understand is why the packet isn't being processed
by the IPsec daemon correctly once the SA is established.
Could you please send me a copy of the ike and ipsec service output in a
private email? I'd like to take a closer look at it. You can set the
output level to debug for both services using the VPN trace utility. For
more details, please see this document ...
http://www.shrew.net/support/wiki/BugReportVpnWindows
Thanks,
-Matthew
More information about the vpn-help
mailing list