Solved

vpn ping issue

Posted on 2014-12-17
5
76 Views
Last Modified: 2015-04-16
Hello folks:

I was just wondering if I can pick your brains on this one:

i have setup a vpn between two sites. One site has a Linksys router and the other Juniper router.

created two tunnels: 1st tunnel: 192.168.5.x  <----> 192.168.200.x  this one working fine. ping going across both sides fine
2nd tunnel:  192.168.150.x <------------>  192.168.160.x   .  can ping from 192.168.160.x  but not from 192.168.150.x

both tunnels have exaclt: ipset configs settings.     i have deleted and recreated the 2nd tunner on the Linksys site but still the 2nd tunnel can not ping the remote sites.  keep in mind, both sides showing tunnel is connected.

i know something is not right on the juniper sites ... can anyone recommend what to look for on the juniper site?
0
Comment
Question by:mwauki
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 11

Expert Comment

by:rharland2009
ID: 40504591
What is the subnet mask of the 192.168.150.x network on the 2nd tunnel?
Also, do any firewall rules enter into this equation?
Third, can you pass any OTHER traffic over the problematic tunnel - like http or something?
Finally, are you able to watch counters for the tunnel and see traffic of any sort passing from the problem side?
0
 

Author Comment

by:mwauki
ID: 40505885
255.255.255.0

192.168.150.x has no firewall except the defaults... but still don't make sense y the duplicate tunnel works fine but not this one?

gonna try to pass http thru.   I can't see the ping coming from the other end on my logs on the Linksys.
0
 
LVL 70

Accepted Solution

by:
Qlemo earned 500 total points
ID: 40507719
Did you check the Windows Firewall settings on .160 (if those are Windows clients)?
And "tunnel up" isn't reliable - the tunnel might still be in failing negotiation.

The Juniper site is able to switch on specific logging for traffic, and should make use of that for troubleshooting. They might not have an inbound policy for that traffic.
0
 

Author Comment

by:mwauki
ID: 40515904
thank you all for you time and support... issue has been resolved.  the other end of the tunnel, the operator, said he dissected the firewall and noticed I was sending in a mask packet? lol.  all is good now
0
 

Author Closing Comment

by:mwauki
ID: 40728636
thanks for support
0

Featured Post

[Live Webinar] The Cloud Skills Gap

As Cloud technologies come of age, business leaders grapple with the impact it has on their team's skills and the gap associated with the use of a cloud platform.

Join experts from 451 Research and Concerto Cloud Services on July 27th where we will examine fact and fiction.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Suggested Courses
Course of the Month9 days, 5 hours left to enroll

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question