Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1120
  • Last Modified:

Connect (2) BEFVP41 routers - VPN

This was posted in the wrong area:

I have (2) Linksys BEFVP41 routers that have successfully show as connected but I'm unable to ping any device on the server side.  I have all the authentication/encryption disabled while I troubleshoot to narrow the problems down.  Any insight??


Comment from tdn_1998
Date: 11/04/2004 02:45AM PST
Your Comment
Any takers??

Comment from thomas_lim  feedback
Date: 11/04/2004 05:40PM PST
Comment  
Try removing any firewall software on your PC's if it still does not work i'll give you a more complete troubleshoot procedure you can follow

Comment from tdn_1998
Date: 11/05/2004 02:40AM PST
Your Comment
unfortunately no success.  Let me provide some more specifics....

Home PC> Router BEFVP41  Version 2 > Comcast

<> Internet <>  1/4 T1 provided by building which is being subleased.  They provided us w/ a small block of IPs.

Router BEFVP41  Version 1>Org

BEFVP41V2
55.55.55.55 outside
192.168.2.1 inside
No firewall

BEFVP41V1
44.44.44.44 outside
192.168.1.1 inside
Gateway mode
*  When swithed to Router mode email does not function properly



10:03:32 IKE[1] Tx >> MM_I1 : 55.55.55.55 SA
10:03:33 IKE[1] Rx << MM_R1 : 55.55.55.55 SA
10:03:33 IKE[1] ISAKMP SA CKI=[2bafa72 27e72c3f] CKR=[4fc9a0fa 18078b43]
10:03:33 IKE[1] ISAKMP SA DES / SHA / PreShared / MODP_768 / 28800 sec (*28800 sec)
10:03:33 IKE[1] Tx >> MM_I2 : 55.55.55.55 KE, NONCE
10:03:34 IKE[1] Rx << MM_R2 : 55.55.55.55 KE, NONCE
10:03:34 IKE[1] Tx >> MM_I3 : 55.55.55.55 ID, HASH
10:03:34 IKE[1] Rx << MM_R3 : 55.55.55.55 ID, HASH
10:03:34 IKE[1] Tx >> QM_I1 : 55.55.55.55 HASH, SA, NONCE, ID, ID
10:03:34 IKE[1] Rx << QM_R1 : 55.55.55.55 HASH, SA, NONCE, ID, ID
10:03:34 IKE[1] Tx >> QM_I2 : 55.55.55.55 HASH
10:03:34 IKE[1] ESP_SA NULL / RSV / 3600 sec (*3600 sec) / SPI=[bb677b8f:c31caee7]
10:03:34 IKE[1] Set up ESP tunnel with 55.55.55.55 Success !

Pings to the org fail w/ Request timeout
0
tdn_1998
Asked:
tdn_1998
  • 5
  • 2
  • 2
2 Solutions
 
blin2000Commented:
posting the secure group settings here may help.
0
 
tdn_1998Author Commented:
Secure group settings??
0
 
tdn_1998Author Commented:
Secure Group Setting:

BEFVP41V2    -   Remote Location
55.55.55.55 outside
192.168.2.1 inside
Remote Secure Subnet 192.168.1.0\24
Remote Gateway 44.44.44.44

BEFVP41V1     -   Organization
44.44.44.44 outside
192.168.1.1 inside
Remote Secure Subnet 192.168.2.0\24
Remote Gateway 55.55.55.55
Gateway mode

Any idea why when I switch to router mode that email doesn't  work even though I have the port open?  when in gateway mode it works.  I have a Netgear FVS318 but when I replace at the org I get the sam results.  

Thanks
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
tdn_1998Author Commented:
Up'ed the points as I need to resolve asap
0
 
blin2000Commented:
why do you want to use router mode?
0
 
tdn_1998Author Commented:
cuz i read other people suggest that mode.  Nevertheless I'm still unable to ping any devices on the other side.  Any insight?
0
 
lrmooreCommented:
Do you have an option on the LInksys in the VPN settings like these (WRV54G)
VPN tunnel:   (*) enabled    ()disabled
VPN Gateway: ()enabled     (*)disabled  <-- this gateway mode must be disabled

Your router must remain in gateway mode rather than router mode. Gateway mode enables NAT for your inside hosts to get out. Switching to router mode disables NAT.

Is the respective Linksys the default gateway on all the PC's/servers at both sites?

0
 
tdn_1998Author Commented:
VPN Tunnel enabled & device is in gateway mode.
0
 
lrmooreCommented:
VPN Gateway is Disabled?

Is the respective Linksys the default gateway on all the PC's/servers at both sites?
I'm sure it is on your side because you have a mail server that works? But how about the other side?



0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 5
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now