Solved

GB-250 VPN Box - Not able to ping to the External interface

Posted on 2008-10-11
4
529 Views
Last Modified: 2013-11-29
I am using GB-250 VPN box.
I have configured the external inteface with valid IP connected to internet.
I was successfully able to access that box from internet using https access.
But i am not able to ping to that IP from Internet.
What configurations should i change so that i can ping that device from internet.
0
Comment
Question by:RajeevSrikant
  • 3
4 Comments
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 500 total points
ID: 22694056
Most routers have ICMP requests (replies to pings) disabled as a security feature. This helps to protect from Denial of Services Attacks, and often hides you from scanners. "Out of sight out of mind". Keeping that in mind there is usually an option under the firewall/security detection of the firewall configuration such as deny/allow WAN/ICMP/Ping requests.
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 500 total points
ID: 22694176
Looking at the manual for that unit, pings are definitely denied and there are very detailed configurations just to manage logging and alarms for pings from the internet. You might be able to disable using Configuration > Security Policies > Preferences > Deny Invalid Packets > disable, but this is a security risk as mentioned earlier.
0
 

Author Comment

by:RajeevSrikant
ID: 22697303

 
I am using GB-250 for setting up the IPSec VPN tunnel to my remote office. My remote office use the Routefinder as VPN Box.
I have already confiugred the GB-250 for the IPSec tunnel by some how the IPsec tunnel is not getting established.
I want to troubleshoot and enable the tunnel.
Attached is the digarm representing the network. Also the IPSec VPN sec parameters which are configured at the remote office side. I want what configuration i should make on GD-250 to establish the tunnel
 
Let me know what are the other details required to address this problem.
 

 
Diagram.GIF
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 22697885
If you have HTTPS access there is little need to enable ICMP replies for testing.
As for the VPN, there are numerous options to configure and complex enough with two identical routers, but it can be more difficult with dis-similar units. I am afraid I am not familiar with either unit enough to assist with the VPN configuration. Perhaps others will be able to assist.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to know if DNS name is  record A or if is ZONE 2 38
IPsec VPN - which encryption? 5 58
VPN Server 5 55
SSL-VPN 1 53
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question