[ previous ] [ next ] [ threads ]
 
 From:  sylikc <sylikc at gmail dot com>
 To:  ts86 <tanuj at ts86 dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] IPSec VPN from Windows SafeNet SoftRemoteLT client
 Date:  Fri, 1 Apr 2005 00:19:11 -0800
T,

On Mar 30, 2005 1:28 PM, ts86 <tanuj at ts86 dot net> wrote:
> Basically, I've followed the guide as in part 13.1 of the online Users
> Guide. The SafeNet SoftRemoteLT client software (Windows 2000 Pro laptop)
> says it has connected properly. The Log Viewer also reflects that. However,
> nothing can be "done" over it. For example, I can't ping the LAN interface
> or access FTP/mail services on one of the boxes.
> 
> Currently we're using PPTP connections, but this is not very good. Upon
> connection the client sees a new interface with the VPN IP address.

I'm not sure if you've received a private reply to this already, but
here's my $0.02.  I've seen this issue before in my own trials with
IPSec where the logs say it's connected but no traffic gets exchanged.

PPTP seems to work because it uses different set of protocols than
IPSec.  This issue occurred after the network I was trying to VPN from
broken into a hierchichal topology where there are multiple internal
hops before hitting the the border gateway to the internet.  I'm
suggesting the reason it doesn't work lends itself to GRE not being
routed around correctly, but try checking your network configuration
to see if the passthrough is configured properly at each segment. 
Also, if possible, try to connect closest to the border router, and
keep going back until you figure out the router that is misconfigured.


/sylikc