<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 12pt;
font-family:Calibri
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>Hi Kevin,<br><br>Thanks for response. <br><br>I kind of solve the problem. Below are some lessons I learnt so far: <br><br>1. The IP Pool in SSG20 shall be private add. for instance 172.16.90.1 which differs from my target private add. 192.168.11.0/24. <br><br>2. when tap0 is assigned with name server 192.168.11.20/192.168.11.1 I found I shall allow query from 172.16.0.0/16 and set recursion to yes in name server 192.168.11.20. <br><br>So far so good but I am planning currently to setup another VPN user (who belongs to same department as previous one) to access SSG20. Should I create new Local Identity and Remote Identity peer or just create new Local Identity? <br><br>Many thanks for attention.<br><br>Eric <br><br><div><div id="SkyDrivePlaceholder"></div>> Date: Thu, 18 Apr 2013 23:06:57 -0400<br>> From: kvpn@live.com<br>> To: vpn-help@lists.shrew.net<br>> Subject: Re: [vpn-help] Shrew 2.17 on Ubuntu 12.04.2 LTS established with Juniper SSG20 but can ping nowhere<br>> <br>> On 04/18/2013 03:04 AM, eric xu wrote:<br>> > Hi All,<br>> ><br>> > As a new user I run into problem as described briefly in caption. More details is as follows:<br>> ><br>> > - Shrew Version: 2.17 complied on Ubuntu 12.04.2 LTS 32-bit (IBM T41)<br>> > - Gateway: Juniper SSG20 Version: 6.2.0r5.0 (Firewall+VPN)<br>> > - qikea shows "Established"<br>> > - tap0 created but can ping nowhere into the private network (192.168.11.0/24)<br>> ><br>> > Ifconfig:<br>> > eth0 Link encap:Ethernet HWaddr 00:0d:60:b2:ac:27<br>> > UP BROADCAST MULTICAST MTU:1500 Metric:1<br>> > RX packets:0 errors:0 dropped:0 overruns:0 frame:0<br>> > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0<br>> > collisions:0 txqueuelen:1000<br>> > RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)<br>> ><br>> > eth1 Link encap:Ethernet HWaddr 00:0c:f1:40:6e:73<br>> > inet addr:117.128.171.xxx Bcast:117.128.171.63 Mask:255.255.255.192<br>> > inet6 addr: fe80::20c:f1ff:fe40:6e73/64 Scope:Link<br>> > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1<br>> > RX packets:79181 errors:0 dropped:0 overruns:0 frame:0<br>> > TX packets:69530 errors:0 dropped:0 overruns:0 carrier:0<br>> > collisions:0 txqueuelen:1000<br>> > RX bytes:91427974 (91.4 MB) TX bytes:6226954 (6.2 MB)<br>> > Interrupt:11 Base address:0x8000 Memory:c0214000-c0214fff<br>> ><br>> > lo Link encap:Local Loopback<br>> > inet addr:127.0.0.1 Mask:255.0.0.0<br>> > inet6 addr: ::1/128 Scope:Host<br>> > UP LOOPBACK RUNNING MTU:16436 Metric:1<br>> > RX packets:1708 errors:0 dropped:0 overruns:0 frame:0<br>> > TX packets:1708 errors:0 dropped:0 overruns:0 carrier:0<br>> > collisions:0 txqueuelen:0<br>> > RX bytes:275161 (275.1 KB) TX bytes:275161 (275.1 KB)<br>> ><br>> > tap0 Link encap:Ethernet HWaddr e6:00:e5:3d:d4:17<br>> > inet addr:192.168.11.25 Bcast:192.168.11.25 Mask:255.255.255.255<br>> > inet6 addr: fe80::e400:e5ff:fe3d:d417/64 Scope:Link<br>> > UP BROADCAST RUNNING MTU:1380 Metric:1<br>> > RX packets:0 errors:0 dropped:0 overruns:0 frame:0<br>> > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0<br>> > collisions:0 txqueuelen:500<br>> > RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)<br>> ><br>> > route:<br>> ><br>> > Kernel IP routing table<br>> > Destination Gateway Genmask Flags Metric Ref Use Iface<br>> > default 117.128.171.1 0.0.0.0 UG 0 0 0 eth1<br>> > 117.128.171.0 * 255.255.255.192 U 2 0 0 eth1<br>> > 120.72.49.xxx 117.128.171.1 255.255.255.255 UGH 0 0 0 eth1<br>> > link-local * 255.255.0.0 U 1000 0 0 eth1<br>> > 192.168.11.0 192.168.11.25 255.255.255.0 UG 0 0 0 tap0<br>> ><br>> ><br>> <br>> Hi Eric,<br>> <br>> Can you generate a log trace for us using the instructions below? <br>> Please make sure the log_level is at debug.<br>> https://www.shrew.net/support/VPN_Bug_Report_Unix<br>> <br>> <br>> _______________________________________________<br>> vpn-help mailing list<br>> vpn-help@lists.shrew.net<br>> https://lists.shrew.net/mailman/listinfo/vpn-help<br></div> </div></body>
</html>