[vpn-help] VPN not working

Alexis La Goutte alexis.lagoutte at gmail.com
Sat Feb 20 03:48:15 CST 2016 

Hi,

What the VPN Gateway ?
Do you have check the log of VPN Gateway and may be need some firewall
rules ?

Cheers

On Sat, Feb 20, 2016 at 6:38 AM, <jirka.mladenec at centrum.cz> wrote:

> I installed the package 'ike' from debian repositories. System is Debian
> 8.3 32-bit. I successfully connect to the VPN using the client, but have no
> internet connectivity, nor can I reach any machines on the VPN network. How
> do I make it work?
>
> The log is:
> config loaded for site 'remote'
> attached to key daemon ...
> peer configured
> iskamp proposal configured
> esp proposal configured
> client configured
> local id configured
> remote id configured
> pre-shared key configured
> bringing up tunnel ...
> network device configured
> tunnel enabled
>
> The VPN profile:
> n:version:4
> s:network-host:remote.work.com
> n:network-ike-port:500
> s:client-auto-mode:pull
> n:network-mtu-size:1380
> s:client-iface:virtual
> n:client-addr-auto:1
> s:network-natt-mode:enable
> n:network-natt-port:4500
> n:network-natt-rate:15
> s:network-frag-mode:enable
> n:network-frag-size:540
> n:network-dpd-enable:1
> n:client-banner-enable:1
> n:network-notify-enable:1
> n:client-dns-used:1
> n:client-dns-auto:0
> n:client-dns-suffix-auto:0
> s:client-dns-addr:192.168.2.251,192.168.2.252
> s:client-dns-suffix:work.local
> n:client-splitdns-used:1
> n:client-splitdns-auto:1
> n:client-wins-used:0
> n:client-wins-auto:1
> s:auth-method:mutual-psk-xauth
> s:ident-client-type:fqdn
> s:ident-server-type:any
> b:auth-mutual-psk:<redacted>
> s:phase1-exchange:aggressive
> n:phase1-dhgroup:14
> s:phase1-cipher:aes
> n:phase1-keylen:256
> s:phase1-hash:sha2-256
> n:phase1-life-secs:86400
> n:phase1-life-kbytes:0
> n:vendor-chkpt-enable:0
> s:phase2-transform:esp-aes
> n:phase2-keylen:256
> s:phase2-hmac:sha2-256
> s:ipcomp-transform:disabled
> n:phase2-pfsgroup:14
> n:phase2-life-secs:3600
> n:phase2-life-kbytes:0
> s:policy-level:auto
> n:policy-nailed:0
> n:policy-list-auto:1
>
> Routes before connecting to VPN:
> $ sudo route
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use
> Iface
> default         home.lan        0.0.0.0         UG    0      0        0
> eth0
> 192.168.1.0     *               255.255.255.0   U     0      0        0
> eth0
>
> Routes after connecting to VPN (the external IP is redacted):
> $ sudo route
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use
> Iface
> default         10.50.60.1      0.0.0.0         UG    0      0        0
> tap0
> default         192.168.1.1     0.0.0.0         UG    0      0        0
> eth0
> 10.50.60.0      *               255.255.255.0   U     0      0        0
> tap0
> <redacted>      192.168.1.1     255.255.255.255 UGH   0      0        0
> eth0
> 192.168.1.0     *               255.255.255.0   U     0      0        0
> eth0
> _______________________________________________
> vpn-help mailing list
> vpn-help at lists.shrew.net
> https://lists.shrew.net/mailman/listinfo/vpn-help
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20160220/2a611494/attachment.html>

More information about the vpn-help mailing list