Solved

vpn ping issue

Posted on 2014-12-17
5
70 Views
Last Modified: 2015-04-16
Hello folks:

I was just wondering if I can pick your brains on this one:

i have setup a vpn between two sites. One site has a Linksys router and the other Juniper router.

created two tunnels: 1st tunnel: 192.168.5.x  <----> 192.168.200.x  this one working fine. ping going across both sides fine
2nd tunnel:  192.168.150.x <------------>  192.168.160.x   .  can ping from 192.168.160.x  but not from 192.168.150.x

both tunnels have exaclt: ipset configs settings.     i have deleted and recreated the 2nd tunner on the Linksys site but still the 2nd tunnel can not ping the remote sites.  keep in mind, both sides showing tunnel is connected.

i know something is not right on the juniper sites ... can anyone recommend what to look for on the juniper site?
0
Comment
Question by:mwauki
  • 3
5 Comments
 
LVL 11

Expert Comment

by:rharland2009
ID: 40504591
What is the subnet mask of the 192.168.150.x network on the 2nd tunnel?
Also, do any firewall rules enter into this equation?
Third, can you pass any OTHER traffic over the problematic tunnel - like http or something?
Finally, are you able to watch counters for the tunnel and see traffic of any sort passing from the problem side?
0
 

Author Comment

by:mwauki
ID: 40505885
255.255.255.0

192.168.150.x has no firewall except the defaults... but still don't make sense y the duplicate tunnel works fine but not this one?

gonna try to pass http thru.   I can't see the ping coming from the other end on my logs on the Linksys.
0
 
LVL 68

Accepted Solution

by:
Qlemo earned 500 total points
ID: 40507719
Did you check the Windows Firewall settings on .160 (if those are Windows clients)?
And "tunnel up" isn't reliable - the tunnel might still be in failing negotiation.

The Juniper site is able to switch on specific logging for traffic, and should make use of that for troubleshooting. They might not have an inbound policy for that traffic.
0
 

Author Comment

by:mwauki
ID: 40515904
thank you all for you time and support... issue has been resolved.  the other end of the tunnel, the operator, said he dissected the firewall and noticed I was sending in a mask packet? lol.  all is good now
0
 

Author Closing Comment

by:mwauki
ID: 40728636
thanks for support
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
RIP Routing 5 61
Read-only SNMP string example ? 7 76
WAN Site Edge Routers 15 50
HLN Channel commercial offering free credit score from 3 credit bureaus 3 32
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now