|
Posted by Michal Z. on July 21, 2005, 11:00 am
If you were Registered and logged in, you could reply and use other advanced thread options
Hi,
I have established a VPN between two ZyWALL 5 routers in two different
places. Both are connected to the DSL Internet connection with fixed IP
address.
My configuration looks like this:
Branch A
- ZyWALL WAN IP- xxx.xxx.xxx.86
- Key Management - IKE
- Local IP Address - 192.168.0.1 - 192.168.0.253
- Remote IP Address - 192.168.10.1 - 192.168.10.253
- Encap. - Tunnel
- IPSec Algorithm - ESP DES SHA1
- Secure Gateway Address - xx.xx.xxx.146
- Authentication Method - Pre-Shared Key
- My IP Address - 0.0.0.0
Branch B
- ZyWALL WAN IP- xxx.xxx.xxx.86
- Key Management - IKE
- Local IP Address - 192.168.10.1 - 192.168.10.253
- Remote IP Address - 192.168.0.1 - 192.168.0.253
- Encap. - Tunnel
- IPSec Algorithm - ESP DES SHA1
- Secure Gateway Address - xx.xx.xxx.86
- Authentication Method - Pre-Shared Key
- My IP Address - 0.0.0.0
I can see that the tunnel between branches is established with success, but
cannot reach (i.e. ping) hosts from A to B and opposite.
Why is that?
For any help thanks in advance
With best regards
Mike
|
|
Posted by Rob S on July 21, 2005, 3:19 pm
If you were Registered and logged in, you could reply and use other advanced thread options
-Hi,
-I have established a VPN between two ZyWALL 5 routers in two different
-places. Both are connected to the DSL Internet connection with fixed IP
-address.
-
-My configuration looks like this:
-
-Branch A
-- ZyWALL WAN IP- xxx.xxx.xxx.86
-- Key Management - IKE
-- Local IP Address - 192.168.0.1 - 192.168.0.253
-- Remote IP Address - 192.168.10.1 - 192.168.10.253
-- Encap. - Tunnel
-- IPSec Algorithm - ESP DES SHA1
-- Secure Gateway Address - xx.xx.xxx.146
-- Authentication Method - Pre-Shared Key
-- My IP Address - 0.0.0.0
-
-Branch B
-- ZyWALL WAN IP- xxx.xxx.xxx.86
-- Key Management - IKE
-- Local IP Address - 192.168.10.1 - 192.168.10.253
-- Remote IP Address - 192.168.0.1 - 192.168.0.253
-- Encap. - Tunnel
-- IPSec Algorithm - ESP DES SHA1
-- Secure Gateway Address - xx.xx.xxx.86
-- Authentication Method - Pre-Shared Key
-- My IP Address - 0.0.0.0
-
Was it a typo, or do you really have .86 as the address of the Wan and gateway
on Branch B? If the latter, then make the WAN IP .146 for starters.
When I setup a Zywall, I used the remote IP subnet, not range ie 192.168.10.0
and 255.255.255.0 I also used MD5 not SHA1.... hth
-Rob
robatwork at mail dot com
|
|
Posted by Michal Z. on July 21, 2005, 11:31 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Hi,
I manged tis problem and suceed! It was the matter of upgrading firmwares.
In fact I made a mistake in WAN IP in Branch B
Best regards
Mike
|
| Similar Threads | Posted | | VPN routing.... | December 12, 2006, 12:26 pm |
| VPN and Routing in one box | September 8, 2007, 8:44 pm |
| VPN routing | October 15, 2007, 5:18 pm |
| Need help routing IPX over IPsec | February 10, 2005, 11:35 pm |
| E-mail routing over VPN | January 17, 2006, 11:50 am |
| openvpn and routing | February 6, 2006, 12:50 pm |
| Cisco VPN Routing | November 26, 2006, 9:06 am |
| VPN Internet routing problem | January 10, 2006, 4:23 am |
| openvpn Routing Problem | October 31, 2006, 7:58 am |
| VPN Routing Tables for Dummies? | February 6, 2007, 5:25 pm |
|
|
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map