[vpn-help] Problem with Shrew client via Linksys WRT45g gateway

Matthew Grooms mgrooms at shrew.net
Sat Jul 24 14:30:50 CDT 2010


You would typically need to forward UDP port 500, UDP port 4500 and IP  
protocol ESP. You probably missed 4500 which is used for NAT-T.

-Matthew

On Jul 24, 2010, at 9:32 AM, mikelupo at aol.com wrote:

> Matthew,
> After some more investigating, we placed that laptop running Shrew  
> in the DMZ and it worked great. So I think it's a matter of proper  
> port forwarding/port triggering settings.
> Can you offer any advice to this?
>
> Thanks,
> Mike
>
>
>
>
>
>
> -----Original Message-----
> From: Matthew Grooms <mgrooms at shrew.net>
> To: mikelupo at aol.com
> Cc: vpn-help at lists.shrew.net
> Sent: Fri, Jul 16, 2010 12:43 pm
> Subject: Re: [vpn-help] Problem with Shrew client via Linksys WRT45g  
> gateway
>
> On 7/15/2010 11:56 AM, mikelupo at aol.com wrote:
> > I have a shrew VPN client up and running on a Windows 7 professional
> > (laptop). With the laptop at home, going through my netgear  
> router, I
> > have no problem starting and using the VPN connection reliably.  
> Once the
> > connection is made I can ping workstations inside the remote  
> secure LAN.
> > The world is good.
> > However, now that the laptop has been deployed to the employee for  
> whom
> > I built if for, we cannot seem to get the same result.
> > Attached is a doc file containing screenshot of the VPN trace  
> utility.
> > It appears that we're getting through Phase 1 and Phase 2  
> reliably. On
> > the linksys WRT54G, We've also opened up Port 500 for forwarding and
> > triggering just to be safe.
> > Remote secure network LAN address 192.168.1.x
> > DHCP address given by VPN to shreew client 192.168.2.50
> > Local IP of the laptop sitting in the home/office of employee  
> 10.0.0.4
> > Matthew, do you have any words of wisdom? Whereas this was working
> > before on my home network, I don't want to rush to change client
> > software versions. The laptop is 120 miles away and talking the  
> employee
> > through this isn't going to be easy.
>
> Mike,
>
> Its hard to tell whats going on without seeing the debug log output.  
> My guess is that the phase2 negotiation is failing for some reason.  
> What version of the client did your user install?
>
> -Matthew
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100724/94764386/attachment-0001.html>


More information about the vpn-help mailing list