[ previous ] [ next ] [ threads ]
 
 From:  "Holger Bauer" <Holger dot Bauer at citec dash ag dot de>
 To:  "Chris Buechler" <cbuechler at gmail dot com>, "David Kitchens" <spider at webweaver dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  AW: [m0n0wall] VPN wont pass ping
 Date:  Sat, 6 Aug 2005 03:04:28 +0200
try tracerouting from both sides to see where the traffic dies. maybe this puts some light on it.

Holger




Von: David Kitchens [mailto:spider at webweaver dot com]
Gesendet: Samstag, 6. August 2005 02:57
An: 'Chris Buechler'
Cc: m0n0wall at lists dot m0n0 dot ch
Betreff: RE: [m0n0wall] VPN wont pass ping


Yes, got the basics covered there, two brand new soekris 4501, m0n0 b9,
192.168.1 on m0n0a, 192.168.131 on m0n0b. Once it looked to be up, I tried
to ping the server at 1.20 from the m0n0b side, had 3389 opened for access
to m0n0a side and connected to a desktopp across WAN and tried pinging back
to the 131.6 address of my laptop and ping wont pass and I can't get a
connection to the unix file server. It's an appliace company, and they
wanted to get rid of the static phone line between the two stores and use
vpn and eventually voip thru it. I can't map a windows drive or anything.
Internet access was no sweat, Comcast cable on both sides, business class on
m0n0a with static address.

Dave

> -----Original Message-----
> From: Chris Buechler [mailto:cbuechler at gmail dot com] 
> Sent: Friday, August 05, 2005 8:38 PM
> Cc: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] VPN wont pass ping
> 
> On 8/5/05, David Kitchens <spider at webweaver dot com> wrote:
> > Can someone give me some diagnostic commands that would 
> tell me why a 
> > m0n0-m0n0 ipsec vpn will not pass traffic? Logs tell me the 
> tunnel is 
> > up fine, SAD and SPD entries were there and it looked fine, 
> just can't 
> > ping anything on other side. I tore them both down, redid 
> them, same 
> > thing happened, I restarted ipsec and the SAD entries are missing. 
> > netstat -rn has no routes to the other m0n0 in it. HELP :)
> > 
> 
> subnets on each side different?  weren't trying to ping from 
> m0n0wall itself (i.e. in the GUI) were you? (that won't work, 
> see FAQ on SNMP over VPN, same reason)  m0n0walls are the 
> default gateways on both sides?
> 
> -Chris
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
> 



---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch


____________
Virus checked by G DATA AntiVirusKit