[vpn-help] VPN Connects But Cannot Access or Ping

[Matthew Grooms]

On 8/19/2010 12:35 PM, Jason Bruce wrote:
> Hi Matt,
>
> Security associations are showing as mature on both ends. Zero bytes
> transferred. Again, I'm using the same config, same Shrew version as my
> XP machines yet 7 not working, it's bizarre.
>

Hi Jason,

Sorry for the delay. I have been extremely busy the last week. As for 
your issue, I am a bit stumped. Since the client is connecting, we can 
surmise that the filter driver is working. It is responsible for packet 
redirection and injection. Since the client is negotiating an IPsec SA, 
we know that the kernel is matching an outbound packet to the security 
policy and asking the IKE daemon to acquire the SA. Your configuration 
must also be correct or the phase1 or phase2 SA negotiation would have 
failed. What I don't understand is why the packet isn't being processed 
by the IPsec daemon correctly once the SA is established.

Could you please send me a copy of the ike and ipsec service output in a 
private email? I'd like to take a closer look at it. You can set the 
output level to debug for both services using the VPN trace utility. For 
more details, please see this document ...

http://www.shrew.net/support/wiki/BugReportVpnWindows

Thanks,

-Matthew