<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=iso-8859-1" http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.6001.18904">
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT size=2>If You use NetGear with ModeConfig you must use XAUTH because
NetGear has bug in their products (only NetScreen works OK on configuration with
modeconfig and xauth disabled)</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>Next basic thing is that ModeConfig IP pull must be different
of LAN and WAN so You can't use the same subment 192.168.1.x</FONT></DIV>
<DIV><FONT size=2>Change mode-config adresses to 192.168.2.x and it will be fine
(NetGear has default routing so You don't need to change anything on clients
computers)</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>Regards,</FONT></DIV>
<DIV><FONT size=2> Michal Wegrzyn</FONT></DIV>
<BLOCKQUOTE
style="BORDER-LEFT: #000000 2px solid; PADDING-LEFT: 5px; PADDING-RIGHT: 0px; MARGIN-LEFT: 5px; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="FONT: 10pt arial; BACKGROUND: #e4e4e4; font-color: black"><B>From:</B>
<A title=mikelupo@aol.com href="mailto:mikelupo@aol.com">mikelupo@aol.com</A>
</DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A title=vpn-help@lists.shrew.net
href="mailto:vpn-help@lists.shrew.net">vpn-help@lists.shrew.net</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Sunday, May 09, 2010 6:14 PM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> Re: [vpn-help] VPN not passing
traffic using Shrew Client</DIV>
<DIV><BR></DIV><FONT color=black size=2 face=arial>
<DIV><FONT face="Arial, Helvetica, sans-serif">Hi Kevin,</FONT></DIV>
<DIV>Thanks so much for your response. </DIV>
<DIV> </DIV>
<DIV>To your post:</DIV>
<DIV> </DIV>
<DIV>1) I do not have overlapping local LAN IP address ranges.</DIV>
<DIV>In fact, my local LAN address is 10.0.0.x and the remote lan address
(behind the VPN router) is in the 192.168.1.175 -to-192.168.1.195 range.
So no problem there.</DIV>
<DIV>So listed:</DIV>
<DIV>192.168.1.1 is the VPN's local network gateway address.</DIV>
<DIV>192.168.1.175 thru 195 is the DHCP address range as set up in the Netgear
mode-config for VPN clients connecting.</DIV>
<DIV>255.255.255.0 is the network mask used by VPN and client so that they
match on both ends.</DIV>
<DIV> </DIV>
<DIV>The WAN address is NOT static unfortunately as Comcast refused the
business owner. As a workaround, we're using dyndns.org.</DIV>
<DIV> </DIV>
<DIV>2) I will uninstall 2.1.5 in favor of the 2.1.6 beta and see if this
helps.</DIV>
<DIV>Is there any log file or any other source of information that I could
post that would perhaps give greater visibilty into the issue?</DIV>
<DIV> </DIV>
<DIV>Thanks again,</DIV>
<DIV>Mike</DIV>
<DIV><BR> </DIV>
<DIV style="FONT-FAMILY: arial,helvetica; COLOR: black; FONT-SIZE: 10pt">
<BLOCKQUOTE style="BORDER-LEFT: blue 2px solid; PADDING-LEFT: 3px"><PRE><TT><TT></TT></PRE></TT></BLOCKQUOTE></DIV><BR><BR>
<DIV style="CLEAR: both"></DIV><BR><BR>
<DIV
style="FONT-FAMILY: arial,helvetica; COLOR: black; FONT-SIZE: 10pt">-----Original
Message-----<BR>From: kevin shrew-vpn <klmlk@hotmail.com><BR>To:
vpn-help@lists.shrew.net<BR>Sent: Sun, May 9, 2010 11:27 am<BR>Subject: Re:
[vpn-help] VPN not passing traffic using Shrew Client<BR><BR>
<DIV
style="BACKGROUND-COLOR: #fff; MARGIN: 0px; FONT-FAMILY: Tahoma, Verdana, Arial, Sans-Serif; COLOR: #000; FONT-SIZE: 12px"
id=AOLMsgPart_0_ff6afc69-64b6-46f3-bbd0-ef20907cab97><PRE style="FONT-SIZE: 9pt"><TT>On Sun, 09 May 2010 10:12:12 -0400
<A __removedLink__1537615504__href="mailto:mikelupo@aol.com">mikelupo@aol.com</A> wrote:
>
> I am running Shrew Client (2.1.5) on Windows XP connecting to a
> Netgear VPN Prosafe FVS318G at a remote site. I have configured the
> client according to Shrew's "How-To" for a similar model Netgear
> Prosafe VPNs.
>
> The Tunnel connection succeeds and I can see in the VPN log (on the
> prosafe router) that the SA Connection is also established
> successfully. On the VPN client side the Shrewsoft VPN trace output
> shows that the SA is Mature. The problem is that when I ping the VPN
> router's LAN address (192.168.1.1) ping returns no hits. Essentially
> the packets are being dropped.
>
Hi Mike, I can think of two reasons it might not work.
First, since your VPN gateway uses private addresses 192.168.1.1, is it possible
that you have overlapping private subnets at both ends of the tunnel?
Try to change one of your address ranges if they are overlapping.
Secondly, in Shrew 2.1.5, if you configure the Policy such that the VPN
gateway IP is in the tunnel range, Shrew will try to tunnel the traffic
destined for the gateway IP. The later betas of 2.1.6 resolve this
issue.
_______________________________________________
vpn-help mailing list
<A __removedLink__1537615504__href="mailto:vpn-help@lists.shrew.net">vpn-help@lists.shrew.net</A>
<A target=_blank __removedLink__1537615504__href="http://lists.shrew.net/mailman/listinfo/vpn-help">http://lists.shrew.net/mailman/listinfo/vpn-help</A>
</TT></PRE></DIV><!-- end of AOLMsgPart_0_ff6afc69-64b6-46f3-bbd0-ef20907cab97 --></DIV></FONT>
<P>
<HR>
<P></P>_______________________________________________<BR>vpn-help mailing
list<BR>vpn-help@lists.shrew.net<BR>http://lists.shrew.net/mailman/listinfo/vpn-help<BR></BLOCKQUOTE></BODY></HTML>