EFW Support
Topic: VPN between two efw-2.4 firewalls established but traffic won't pass (Read 14100 times)
rwebb616 (Full Member, Posts: 16)
« on: Saturday 20 August 2011, 04:13:27 am »
Hi,
I have two Endian 2.4 machines that have a VPN established between them but clients behind the firewalls cannot ping the other side. If I SSH into the firewall the firewall can ping the other side without issue.
If I enable the NAT option on the client side then there is one-way communication which helps, but is not what we need. We need to be able to have two-way communication between the boxes.
I am setting up client to server in routed mode. I've listed the network behind client in the user setup. My setup is basically this:
172.16.14.0 (client network) ---> Red Int to the Internet ---> Red Int on server ---> 172.16.12.0 (server network)
Before anyone suggests turning on the vpn firewall and configuring it, I have done that. I have both sides allowing any/any on the vpn firewall. I've also tried it with the vpn firewall turned off.
I am thinking the configuration is correct as I have a similar vpn set up between a of 2.1.2 firewalls and it works. I don't know if I'm just missing an option somewhere or what.
Thanks in advance!
-Rich
plucky_84 (Jr. Member, Posts: 1)
« Reply #1 on: Friday 14 October 2011, 03:10:58 am »
I assume this is a site to site, or net 2 net VPN connection and using IPsec for the VPN.
I have IPsec running smoothly on 6 Endian firewalls and all traffic goes through. This is what I did.
Turned off VPN firewall.
Turn off outgoing traffic firewall as well just to be sure. Can turn on after VPN connection is made and test connection with outgoing traffic firewall turned on.
IPSec tunnels:
at Site1:
Add new net 2 net vpn
interface = Uplink Main (only have 1 uplink on my firewalls)
remote host/IP 88.88.88.88 (whatever your static IP is for remote site2 with endian firewall)
local subnet 192.168.100.0/24
remote subnet 192.168.200.0/24
remote id & local id: left blank. (if you are going to use this, make sure local id matches the remote id on the remote endian firewall; vice versa on remote id)
Dead peer detection action: Restart
Authentication:
Pre-Shared Key: (use your own private key; can be anything but this must be entered exactly on the remote endian firewall)
Under advanced settings:
Make sure the settings you choose match on the remote Endian firewall as well.
On remote site2 endian firewall:
use all the same as above except:
remote host ip: (point to site1 static IP)
local subnet: 192.168.200.0/24
remote subnet: 192.168.100.0/24
Hopefully this helps a bit. I'm in the process of switching over to OpenVPN.
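The mirrored-settings checklist from the reply above, as an added example that is not part of the original thread or Endian's own code: a small Python check that compares both ends' net-to-net settings and reports every mismatch. The dictionary field names, and all sample values other than the two subnets and 88.88.88.88, are assumptions made for illustration.

```python
import ipaddress

# Field names are hypothetical; they mirror the form fields named in the reply.
SUBNET_KEYS = ("local_subnet", "remote_subnet")

def check_tunnel(site1, site2):
    """Return a list of mismatches between the two ends of a net-to-net tunnel."""
    ends = {"site1": site1, "site2": site2}
    problems, nets = [], {}
    for name, cfg in ends.items():
        for key in SUBNET_KEYS:
            try:
                # strict=True rejects host bits; short forms like 10.1/16 fail too
                nets[name, key] = ipaddress.ip_network(cfg[key], strict=True)
            except ValueError as exc:
                problems.append(f"{name} {key}: {exc}")
    for here, there in (("site1", "site2"), ("site2", "site1")):
        mine, peer = ends[here], ends[there]
        local = nets.get((here, "local_subnet"))
        remote = nets.get((there, "remote_subnet"))
        if None not in (local, remote) and local != remote:
            problems.append(f"{here} local_subnet is not {there} remote_subnet")
        if mine["remote_host"] != peer["public_ip"]:
            problems.append(f"{here} remote_host is not {there} public_ip")
        if mine.get("local_id", "") != peer.get("remote_id", ""):
            problems.append(f"{here} local_id differs from {there} remote_id")
    if site1["psk"] != site2["psk"]:
        problems.append("pre-shared keys differ")  # never echo the key itself
    if site1.get("advanced") != site2.get("advanced"):
        problems.append("advanced settings differ")
    return problems

# Constructed sample: subnets and 88.88.88.88 are from the reply, the rest is made up.
ADVANCED = {"ike_encryption": "aes256", "ike_integrity": "sha2_256"}
SITE1 = {"public_ip": "203.0.113.10", "remote_host": "88.88.88.88",
         "local_subnet": "192.168.100.0/24", "remote_subnet": "192.168.200.0/24",
         "psk": "constructed-example-key", "advanced": dict(ADVANCED)}
SITE2 = {"public_ip": "88.88.88.88", "remote_host": "203.0.113.10",
         "local_subnet": "192.168.200.0/24", "remote_subnet": "192.168.100.0/24",
         "psk": "constructed-example-key", "advanced": dict(ADVANCED)}

if __name__ == "__main__":
    cases = {"mirrored": SITE1,
             "short subnet": dict(SITE1, remote_subnet="192.168.200/24")}
    for label, s1 in cases.items():
        print(label, check_tunnel(s1, SITE2) or "OK")
```
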