[vpn-help] Shrew 2.17 on Ubuntu 12.04.2 LTS established with Juniper SSG20 but can ping nowhere
eric xu
chixu8341 at hotmail.com
Fri Apr 19 06:46:59 CDT 2013
Hi Kevin,
Thanks for response.
I kind of solve the problem. Below are some lessons I learnt so far:
1. The IP Pool in SSG20 shall be private add. for instance 172.16.90.1 which differs from my target private add. 192.168.11.0/24.
2. when tap0 is assigned with name server 192.168.11.20/192.168.11.1 I found I shall allow query from 172.16.0.0/16 and set recursion to yes in name server 192.168.11.20.
So far so good but I am planning currently to setup another VPN user (who belongs to same department as previous one) to access SSG20. Should I create new Local Identity and Remote Identity peer or just create new Local Identity?
Many thanks for attention.
Eric
> Date: Thu, 18 Apr 2013 23:06:57 -0400
> From: kvpn at live.com
> To: vpn-help at lists.shrew.net
> Subject: Re: [vpn-help] Shrew 2.17 on Ubuntu 12.04.2 LTS established with Juniper SSG20 but can ping nowhere
>
> On 04/18/2013 03:04 AM, eric xu wrote:
> > Hi All,
> >
> > As a new user I run into problem as described briefly in caption. More details is as follows:
> >
> > - Shrew Version: 2.17 complied on Ubuntu 12.04.2 LTS 32-bit (IBM T41)
> > - Gateway: Juniper SSG20 Version: 6.2.0r5.0 (Firewall+VPN)
> > - qikea shows "Established"
> > - tap0 created but can ping nowhere into the private network (192.168.11.0/24)
> >
> > Ifconfig:
> > eth0 Link encap:Ethernet HWaddr 00:0d:60:b2:ac:27
> > UP BROADCAST MULTICAST MTU:1500 Metric:1
> > RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
> > collisions:0 txqueuelen:1000
> > RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
> >
> > eth1 Link encap:Ethernet HWaddr 00:0c:f1:40:6e:73
> > inet addr:117.128.171.xxx Bcast:117.128.171.63 Mask:255.255.255.192
> > inet6 addr: fe80::20c:f1ff:fe40:6e73/64 Scope:Link
> > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> > RX packets:79181 errors:0 dropped:0 overruns:0 frame:0
> > TX packets:69530 errors:0 dropped:0 overruns:0 carrier:0
> > collisions:0 txqueuelen:1000
> > RX bytes:91427974 (91.4 MB) TX bytes:6226954 (6.2 MB)
> > Interrupt:11 Base address:0x8000 Memory:c0214000-c0214fff
> >
> > lo Link encap:Local Loopback
> > inet addr:127.0.0.1 Mask:255.0.0.0
> > inet6 addr: ::1/128 Scope:Host
> > UP LOOPBACK RUNNING MTU:16436 Metric:1
> > RX packets:1708 errors:0 dropped:0 overruns:0 frame:0
> > TX packets:1708 errors:0 dropped:0 overruns:0 carrier:0
> > collisions:0 txqueuelen:0
> > RX bytes:275161 (275.1 KB) TX bytes:275161 (275.1 KB)
> >
> > tap0 Link encap:Ethernet HWaddr e6:00:e5:3d:d4:17
> > inet addr:192.168.11.25 Bcast:192.168.11.25 Mask:255.255.255.255
> > inet6 addr: fe80::e400:e5ff:fe3d:d417/64 Scope:Link
> > UP BROADCAST RUNNING MTU:1380 Metric:1
> > RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
> > collisions:0 txqueuelen:500
> > RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
> >
> > route:
> >
> > Kernel IP routing table
> > Destination Gateway Genmask Flags Metric Ref Use Iface
> > default 117.128.171.1 0.0.0.0 UG 0 0 0 eth1
> > 117.128.171.0 * 255.255.255.192 U 2 0 0 eth1
> > 120.72.49.xxx 117.128.171.1 255.255.255.255 UGH 0 0 0 eth1
> > link-local * 255.255.0.0 U 1000 0 0 eth1
> > 192.168.11.0 192.168.11.25 255.255.255.0 UG 0 0 0 tap0
> >
> >
>
> Hi Eric,
>
> Can you generate a log trace for us using the instructions below?
> Please make sure the log_level is at debug.
> https://www.shrew.net/support/VPN_Bug_Report_Unix
>
>
> _______________________________________________
> vpn-help mailing list
> vpn-help at lists.shrew.net
> https://lists.shrew.net/mailman/listinfo/vpn-help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20130419/3fadaf4f/attachment.html>
More information about the vpn-help
mailing list