[vpn-help] Tunnel established but not working

Intellia Informations info at intellia.fr
Wed Mar 3 08:23:25 CST 2010


Thanks for your response.
Unfortunately, it doesn't work anymore.
I tried switching the PFS settings between all proposed groups : it doesn't

Is it necessary to open specific port on the internet router for this to
work ?

I do not understand.
Do you ?



-----Message d'origine-----
De : Matthew Grooms [mailto:mgrooms at shrew.net] 
Envoyé : jeudi 25 février 2010 23:40
À : Intellia Informations
Cc : vpn-help at lists.shrew.net
Objet : Re: [vpn-help] Tunnel established but not working

On 2/24/2010 2:04 AM, Intellia Informations wrote:
> Hello,
> I am able to established a tunnel between the remote host client running
> ShrewVPNClient and a remote network.
> But no traffic is running on the tunnel and the ping or tracert (with IP
> address) do not know a remote machine on the remote network .
> When using CISCO VPN Client, it works well.
> I have done some trace log files with the trace utility... but not able
> to understand what is wrong.
> I tried with or without NAT-T : no change, remote host still can not be
> reached.
> I need some advice : it would be very helpful,

Hi Pierre,

The VPN client is completing phase1 without any issue. The gateway is 
complaining about NO-PROPOSAL-CHOSEN for phase2. This usually means 
there is some setting that isn't correct. Try switching the PFS settings 
between group2 and disabled and see if that has any effect.


More information about the vpn-help mailing list