[vpn-help] Cannot route traffic to 0.0.0.0 with Speedtouch 608

Henry Barker henry at paperstone.co.uk
Fri Mar 12 03:53:56 CST 2010 

I’m attempting to connect to a Speedtouch 608WL router with the Shrewsoft
client, and tunnel all traffic through the Speedtouch..

I have successfully managed to bring up a tunnel and ping (both ways) on the
remote LAN when I either have ‘Obtain Topology Automatically or Tunnel All’
ticked, or I specify only the remote LAN address (192.168.123.0/24) as a
remote network resource. This seems to work well.

When I specify 0.0.0.0/24 as the remote network resource the tunnel is
brought up successfully, but I cannot route any traffic through the tunnel,
either to the remote LAN or to the Internet. I can resolve DNS addresses
however.

On the Shrewsoft end I get the following in the IKE log:
10/03/12 09:17:43 ii : received peer NO-PROPOSAL-CHOSEN notification

On my router end I have the following:
x.x.x.x->x.x.x.x: [1/3] <- recv HASH|SA|NONCE, responder, quick mode
=> connection lookup matching remote(192.168.123.20) <-> local(*.*.*.*)
-> consider connection profile AUTOL_192.168.123.0/24_to_192.168.250.0/24_#1
--> skipped connection AUTOL_192.168.123.0/24_to_192.168.250.0/24_#1, its
peer is AUTOL_to_195.200.146.253_#1
-> consider connection profile AUTOS_Conn_AUTOS_Net_192.168.123.0/24
--> connection AUTOS_Conn_AUTOS_Net_192.168.123.0/24 local-id mismatch
-> consider connection profile
AUTOS_Conn_AUTOS_Net_192.168.123.0/24_192.168.123.0-255.255.255
--> connection
AUTOS_Conn_AUTOS_Net_192.168.123.0/24_192.168.123.0-255.255.255 local-id
mismatch
=> no matching connection profile found for incoming quick mode
quick mode failed: no connection profile found peer
DefaultAggressive,initiator id(192.168.123.20), responder id(0.0.0.0/0)

My Windows client gets the following route entries when I have 'Obtain
topology automatically ticked':
Network Destination     Netmask    		Gateway   	Interface
Metric
192.168.123.0    		255.255.255.0     On-link
192.168.123.20     11
192.168.123.20  		255.255.255.255   On-link
192.168.123.20    266
192.168.123.255  		255.255.255.255   On-link
192.168.123.20    266

And the following when I have 0.0.0.0/24 as a  Remote network resource
Network Destination     Netmask    		Gateway   	Interface  
      Metric 
0.0.0.0                 0.0.0.0        	On-link   	192.168.123.20    11

192.168.123.0    		255.255.255.0     On-link
192.168.123.20    266
192.168.123.20  		255.255.255.255   On-link
192.168.123.20    266
192.168.123.255  		255.255.255.255   On-link
192.168.123.20    266

And the following adapter configuration:

Connection-specific DNS Suffix  . :
Description . . . . . . . . . . . : Shrew Soft Virtual Adapter
Physical Address. . . . . . . . . : AA-AA-AA-46-24-00
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f02a:594b:d369:2bcb%26(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.123.20(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 0.0.0.0
DNS Servers . . . . . . . . . . . : 192.168.123.254
NetBIOS over Tcpip. . . . . . . . : Disabled

I'm attempting this with ver 2.1.6 beta 6, as the changelog for beta4
suggested the ability to tunnel all by adding a 0.0.0.0 entry..

Any ideas as to what I can look at to debug this further? Many thanks in
advance,

Henry

More information about the vpn-help mailing list