[vpn-help] Cannot route traffic to 0.0.0.0 with Speedtouch 608
Stefan Bauer
stefan.bauer at cubewerk.de
Sat Mar 13 09:47:37 CST 2010
Am 12.03.2010 10:53, Henry Barker schrieb:
> When I specify 0.0.0.0/24 as the remote network resource the tunnel is
> brought up successfully, but I cannot route any traffic through the tunnel,
> either to the remote LAN or to the Internet. I can resolve DNS addresses
> however.
>
> On the Shrewsoft end I get the following in the IKE log:
> 10/03/12 09:17:43 ii : received peer NO-PROPOSAL-CHOSEN notification
>
> On my router end I have the following:
> x.x.x.x->x.x.x.x: [1/3] <- recv HASH|SA|NONCE, responder, quick mode
> => connection lookup matching remote(192.168.123.20) <-> local(*.*.*.*)
> -> consider connection profile AUTOL_192.168.123.0/24_to_192.168.250.0/24_#1
> --> skipped connection AUTOL_192.168.123.0/24_to_192.168.250.0/24_#1, its
> peer is AUTOL_to_195.200.146.253_#1
> -> consider connection profile AUTOS_Conn_AUTOS_Net_192.168.123.0/24
> --> connection AUTOS_Conn_AUTOS_Net_192.168.123.0/24 local-id mismatch
> -> consider connection profile
> AUTOS_Conn_AUTOS_Net_192.168.123.0/24_192.168.123.0-255.255.255
> --> connection
> AUTOS_Conn_AUTOS_Net_192.168.123.0/24_192.168.123.0-255.255.255 local-id
> mismatch
> => no matching connection profile found for incoming quick mode
> quick mode failed: no connection profile found peer
That looks to me not like a successful connection. Client is
complaining about no choosen proposal and the router got in trouble
with "no matching connection profile". The complete shrew vpn
logfiles would be helpful.
> And the following adapter configuration:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : Shrew Soft Virtual Adapter
> Physical Address. . . . . . . . . : AA-AA-AA-46-24-00
> DHCP Enabled. . . . . . . . . . . : No
> Autoconfiguration Enabled . . . . : Yes
> Link-local IPv6 Address . . . . . : fe80::f02a:594b:d369:2bcb%26(Preferred)
> IPv4 Address. . . . . . . . . . . : 192.168.123.20(Preferred)
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 0.0.0.0
That looks suspicious. 0.0.0.0 is used as all-addresses but does not
make sense as default-gateway.
just my 5 cent
stefan
--
Stefan Bauer -----------------------------------------
PGP: E80A 50D5 2D46 341C A887 F05D 5C81 5858 DCEF 8C34
-------- plzk.de - Linux - because it works ----------
More information about the vpn-help
mailing list