Solved

GB-250 VPN Box - Not able to ping to the External interface

Posted on 2008-10-11
4
512 Views
Last Modified: 2013-11-29
I am using GB-250 VPN box.
I have configured the external inteface with valid IP connected to internet.
I was successfully able to access that box from internet using https access.
But i am not able to ping to that IP from Internet.
What configurations should i change so that i can ping that device from internet.
0
Comment
Question by:RajeevSrikant
  • 3
4 Comments
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 500 total points
ID: 22694056
Most routers have ICMP requests (replies to pings) disabled as a security feature. This helps to protect from Denial of Services Attacks, and often hides you from scanners. "Out of sight out of mind". Keeping that in mind there is usually an option under the firewall/security detection of the firewall configuration such as deny/allow WAN/ICMP/Ping requests.
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 500 total points
ID: 22694176
Looking at the manual for that unit, pings are definitely denied and there are very detailed configurations just to manage logging and alarms for pings from the internet. You might be able to disable using Configuration > Security Policies > Preferences > Deny Invalid Packets > disable, but this is a security risk as mentioned earlier.
0
 

Author Comment

by:RajeevSrikant
ID: 22697303

 
I am using GB-250 for setting up the IPSec VPN tunnel to my remote office. My remote office use the Routefinder as VPN Box.
I have already confiugred the GB-250 for the IPSec tunnel by some how the IPsec tunnel is not getting established.
I want to troubleshoot and enable the tunnel.
Attached is the digarm representing the network. Also the IPSec VPN sec parameters which are configured at the remote office side. I want what configuration i should make on GD-250 to establish the tunnel
 
Let me know what are the other details required to address this problem.
 

 
Diagram.GIF
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 22697885
If you have HTTPS access there is little need to enable ICMP replies for testing.
As for the VPN, there are numerous options to configure and complex enough with two identical routers, but it can be more difficult with dis-similar units. I am afraid I am not familiar with either unit enough to assist with the VPN configuration. Perhaps others will be able to assist.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now