Netgear FVX538 and VPN configuration problem

I configured the VPN with an IPSEC third party client package.  I can create the tunnel and I do have a connection but I can only ping the LAN ip of the Netgear router.  I cannot access any computers on the LAN.  I had first tried a test where I just plugged in a single PC configured with my 172 network and I could connect and map drives just fine.  I then disconnected that PC and connected the Netgear LAN port to my switch on my main LAN with a crossover cable. Now I can only ping the Netgear router but no other PC on the LAN.  I used the diagnostic tab on the netgear web tool and I can ping computers on the LAN by selecting to use the VPN tunnel. So I know the connection is fine.
djpierce54Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MikeKaneCommented:
Start by providing a layout of the ip subnets and physical locations.   I assume this is a client out on the public internet that establishes a VPN to the netgear.   The netgear then has an internal lan with a 172.0.0.0 subnet correct?  

Can the internal host ping the ip of the inside int of the netgear?
When the VPN is established, can you ping the internal IP of a host? (not the pc name, but the IP).  
 
0
djpierce54Author Commented:
You are correct on the first paragraph.  Yes any computer on the 172 LAN can ping the Netgear LAN IP 172.168.100.58.  After the VPN has been established the external client can only ping the 172.168.100.58 Netgear LAN connection.  The external client cannot ping any other PC on the 172 LAN.  If I use the Netgear web admin tool and select Diagnostics I can ping any machine on the 172 LAN as long as I select to ping through the Tunnel.  Of course, the web admin is being accessed through a public IP and it does not matter if the VPN is established or not.
0
MikeKaneCommented:
What 3rd party client are you using?  

In the client, make sure that you have the remote subnet defined correctly (not just the ip of the netgear).   Are there any logs available fro the 3rd party?   A route table perhaps showing the routes after the VPN is established?  

AS a reference, here is how the netgear VPN client would be configured....http://kb.netgear.com/app/answers/detail/a_id/998
0
ON-DEMAND: 10 Easy Ways to Lose a Password

Learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees in this on-demand webinar. We cover the importance of multi-factor authentication and how these solutions can better protect your business!

djpierce54Author Commented:
Third Party is ShrewSoft - Let me have a look at the configuration and review the Netgear paper and I'll get back.  I did look at this once but I better dig a little deeper
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
djpierce54Author Commented:
OK - I think I had a brainfart.  As I mentioned the VPN client could ping the VPN router at 172.168.100.58 but nothing on the LAN.  Issue is I plugged this VPN box into our existing LAN which is all DHCP with gateway to 172.168.100.1 (our firewall).  If I just plug a laptop into the VPN router and configure on the 172 network with gateway=172.168.100.58 then I have total access to that PC from the VPN client.  All this time it appears to have been the gateway mismatch.  That sound right to you?
0
MikeKaneCommented:
Very possible if the LAN machines had no path back to the VPN subnet range.   And explains why the single PC in the netgear functioned, but failed with the rest of the network.    

Was the netgear also serving DHCP addresses or did you test with a static address on the 1 pc that worked?  

Sounds like you found the answer.
0
djpierce54Author Commented:
Resolved the issue as I had the incorrect gateway
0
djpierce54Author Commented:
Yes I was using a static IP on the PC.  So I was matching the FVX538 LAN network config
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.