Netgear FVX538 and VPN configuration problem

Posted on 2009-06-30
Last Modified: 2012-05-07
I configured the VPN with an IPSEC third party client package.  I can create the tunnel and I do have a connection but I can only ping the LAN ip of the Netgear router.  I cannot access any computers on the LAN.  I had first tried a test where I just plugged in a single PC configured with my 172 network and I could connect and map drives just fine.  I then disconnected that PC and connected the Netgear LAN port to my switch on my main LAN with a crossover cable. Now I can only ping the Netgear router but no other PC on the LAN.  I used the diagnostic tab on the netgear web tool and I can ping computers on the LAN by selecting to use the VPN tunnel. So I know the connection is fine.
Question by:djpierce54
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
LVL 33

Expert Comment

ID: 24746441
Start by providing a layout of the ip subnets and physical locations.   I assume this is a client out on the public internet that establishes a VPN to the netgear.   The netgear then has an internal lan with a subnet correct?  

Can the internal host ping the ip of the inside int of the netgear?
When the VPN is established, can you ping the internal IP of a host? (not the pc name, but the IP).  

Author Comment

ID: 24746553
You are correct on the first paragraph.  Yes any computer on the 172 LAN can ping the Netgear LAN IP  After the VPN has been established the external client can only ping the Netgear LAN connection.  The external client cannot ping any other PC on the 172 LAN.  If I use the Netgear web admin tool and select Diagnostics I can ping any machine on the 172 LAN as long as I select to ping through the Tunnel.  Of course, the web admin is being accessed through a public IP and it does not matter if the VPN is established or not.
LVL 33

Expert Comment

ID: 24746631
What 3rd party client are you using?  

In the client, make sure that you have the remote subnet defined correctly (not just the ip of the netgear).   Are there any logs available fro the 3rd party?   A route table perhaps showing the routes after the VPN is established?  

AS a reference, here is how the netgear VPN client would be configured....
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Accepted Solution

djpierce54 earned 0 total points
ID: 24746735
Third Party is ShrewSoft - Let me have a look at the configuration and review the Netgear paper and I'll get back.  I did look at this once but I better dig a little deeper

Author Comment

ID: 24798847
OK - I think I had a brainfart.  As I mentioned the VPN client could ping the VPN router at but nothing on the LAN.  Issue is I plugged this VPN box into our existing LAN which is all DHCP with gateway to (our firewall).  If I just plug a laptop into the VPN router and configure on the 172 network with gateway= then I have total access to that PC from the VPN client.  All this time it appears to have been the gateway mismatch.  That sound right to you?
LVL 33

Expert Comment

ID: 24824182
Very possible if the LAN machines had no path back to the VPN subnet range.   And explains why the single PC in the netgear functioned, but failed with the rest of the network.    

Was the netgear also serving DHCP addresses or did you test with a static address on the 1 pc that worked?  

Sounds like you found the answer.

Author Comment

ID: 24824199
Resolved the issue as I had the incorrect gateway

Author Comment

ID: 24824220
Yes I was using a static IP on the PC.  So I was matching the FVX538 LAN network config

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question