[ previous ] [ next ] [ threads ]
 From:  "David Kitchens" <spider at webweaver dot com>
 To:  "'Chris Buechler'" <cbuechler at gmail dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] VPN wont pass ping
 Date:  Fri, 5 Aug 2005 20:57:26 -0400
Yes, got the basics covered there, two brand new soekris 4501, m0n0 b9,
192.168.1 on m0n0a, 192.168.131 on m0n0b. Once it looked to be up, I tried
to ping the server at 1.20 from the m0n0b side, had 3389 opened for access
to m0n0a side and connected to a desktopp across WAN and tried pinging back
to the 131.6 address of my laptop and ping wont pass and I can't get a
connection to the unix file server. It's an appliace company, and they
wanted to get rid of the static phone line between the two stores and use
vpn and eventually voip thru it. I can't map a windows drive or anything.
Internet access was no sweat, Comcast cable on both sides, business class on
m0n0a with static address.


> -----Original Message-----
> From: Chris Buechler [mailto:cbuechler at gmail dot com] 
> Sent: Friday, August 05, 2005 8:38 PM
> Cc: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] VPN wont pass ping
> On 8/5/05, David Kitchens <spider at webweaver dot com> wrote:
> > Can someone give me some diagnostic commands that would 
> tell me why a 
> > m0n0-m0n0 ipsec vpn will not pass traffic? Logs tell me the 
> tunnel is 
> > up fine, SAD and SPD entries were there and it looked fine, 
> just can't 
> > ping anything on other side. I tore them both down, redid 
> them, same 
> > thing happened, I restarted ipsec and the SAD entries are missing. 
> > netstat -rn has no routes to the other m0n0 in it. HELP :)
> > 
> subnets on each side different?  weren't trying to ping from 
> m0n0wall itself (i.e. in the GUI) were you? (that won't work, 
> see FAQ on SNMP over VPN, same reason)  m0n0walls are the 
> default gateways on both sides?
> -Chris
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch