[vpn-help] Shrewsoft can connect, my user cannot ping or connect to any internal hosts

[Michael Schwager]

Hello,
We have a Cisco ASA at work that we use to VPN in with. I- along with many
of our users- can connect in from Windows using Shrewsoft. I connect in
from my Linux box using vpnc. It's all quite simplistic, it seems to me. No
monkey business that I can see. My vpnc.conf file has only 4 lines, "IPSec
gateway", "IPSec ID", "IPSec secret", "Xauth username". ...which is merely
to say, the configuration seems quite straightforward.

However, one of my users' connection does not work for him. He is running a
Windows 7 desktop and he can login to IPSec but once the Shrewsoft client
is up, he cannot connect to or ping any internal hosts.

I (and others) can do both. I can get in from not only my Linux desktop but
my Windows VM.

I have compared his routing table with my Windows VM's routing table, and
besides the fact that he has VirtualBox on his local machine (ie extra
interface), and his IP address starts with 192.168 (vs. my 10.0), I don't
see anything odd. He gets the following error; where 10.254.254.45 is his
local interface IP:

>ping 10.140.99.28

Pinging 10.140.99.28 with 32 bytes of data:
Reply from 10.254.254.45: Destination host unreachable.
Request timed out.
Request timed out.
Request timed out.

How can I begin to debug this thing? I've checked the settings as you can
see but I'm not sure how to figure out where his routing is failing.

Thanks.
-- 
-Mike Schwager
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20160117/05e3e55d/attachment.html>