Solved

GB-250 VPN Box - Not able to ping to the External interface

Posted on 2008-10-11
4
531 Views
Last Modified: 2013-11-29
I am using GB-250 VPN box.
I have configured the external inteface with valid IP connected to internet.
I was successfully able to access that box from internet using https access.
But i am not able to ping to that IP from Internet.
What configurations should i change so that i can ping that device from internet.
0
Comment
Question by:RajeevSrikant
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 500 total points
ID: 22694056
Most routers have ICMP requests (replies to pings) disabled as a security feature. This helps to protect from Denial of Services Attacks, and often hides you from scanners. "Out of sight out of mind". Keeping that in mind there is usually an option under the firewall/security detection of the firewall configuration such as deny/allow WAN/ICMP/Ping requests.
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 500 total points
ID: 22694176
Looking at the manual for that unit, pings are definitely denied and there are very detailed configurations just to manage logging and alarms for pings from the internet. You might be able to disable using Configuration > Security Policies > Preferences > Deny Invalid Packets > disable, but this is a security risk as mentioned earlier.
0
 

Author Comment

by:RajeevSrikant
ID: 22697303

 
I am using GB-250 for setting up the IPSec VPN tunnel to my remote office. My remote office use the Routefinder as VPN Box.
I have already confiugred the GB-250 for the IPSec tunnel by some how the IPsec tunnel is not getting established.
I want to troubleshoot and enable the tunnel.
Attached is the digarm representing the network. Also the IPSec VPN sec parameters which are configured at the remote office side. I want what configuration i should make on GD-250 to establish the tunnel
 
Let me know what are the other details required to address this problem.
 

 
Diagram.GIF
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 22697885
If you have HTTPS access there is little need to enable ICMP replies for testing.
As for the VPN, there are numerous options to configure and complex enough with two identical routers, but it can be more difficult with dis-similar units. I am afraid I am not familiar with either unit enough to assist with the VPN configuration. Perhaps others will be able to assist.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

687 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question