[vpn-help] VPN not passing traffic using Shrew Client

mikelupo at aol.com mikelupo at aol.com
Sun May 9 11:14:03 CDT 2010


Hi Kevin,
Thanks so much for your response. 

To your post:

1) I do not have overlapping local LAN IP address ranges.
In fact, my local LAN address is 10.0.0.x and the remote lan address (behind the VPN router) is in the 192.168.1.175 -to-192.168.1.195 range. So no problem there.
So listed:
192.168.1.1 is the VPN's local network gateway address.
192.168.1.175 thru 195 is the DHCP address range as set up in the Netgear mode-config for VPN clients connecting.
255.255.255.0 is the network mask used by VPN and client so that they match on both ends.

The WAN address is NOT static unfortunately as Comcast refused the business owner. As a workaround, we're using dyndns.org.

2) I will uninstall 2.1.5 in favor of the 2.1.6 beta and see if this helps.
Is there any log file or any other source of information that I could post that would perhaps give greater visibilty into the issue?

Thanks again,
Mike











-----Original Message-----
From: kevin shrew-vpn <klmlk at hotmail.com>
To: vpn-help at lists.shrew.net
Sent: Sun, May 9, 2010 11:27 am
Subject: Re: [vpn-help] VPN not passing traffic using Shrew Client


On Sun, 09 May 2010 10:12:12 -0400
ikelupo at aol.com wrote:
> 
 I am running Shrew Client (2.1.5) on Windows XP connecting to a
 Netgear VPN Prosafe FVS318G at a remote site. I have configured the
 client according to Shrew's "How-To" for a similar model Netgear
 Prosafe VPNs. 
 
 The Tunnel connection succeeds and I can see in the VPN log (on the
 prosafe router) that the SA Connection is also established
 successfully. On the VPN client side the Shrewsoft VPN trace output
 shows that the SA is Mature. The problem is that when I ping the VPN
 router's LAN address (192.168.1.1) ping returns no hits. Essentially
 the packets are being dropped.
 
Hi Mike, I can think of two reasons it might not work.  
First, since your VPN gateway uses private addresses 192.168.1.1, is it possible
hat you have overlapping private subnets at both ends of the tunnel?
ry to change one of your address ranges if they are overlapping.
Secondly, in Shrew 2.1.5, if you configure the Policy such that the VPN
ateway IP is in the tunnel range, Shrew will try to tunnel the traffic
estined for the gateway IP.  The later betas of 2.1.6 resolve this
ssue.
______________________________________________
pn-help mailing list
pn-help at lists.shrew.net
ttp://lists.shrew.net/mailman/listinfo/vpn-help

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100509/2ee2ba2f/attachment-0002.html>


More information about the vpn-help mailing list