Welcome, Guest. Please login or register.
Did you miss your activation email?
Saturday 23 November 2024, 01:34:02 am

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14258 Posts in 4377 Topics by 6516 Members
Latest Member: DaveH
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  VPN Support
| | |-+  IPsec/NAT not working
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: IPsec/NAT not working  (Read 19260 times)
JEK
Jr. Member
*
Offline Offline

Posts: 3


« on: Thursday 12 October 2017, 06:32:16 pm »

Hi,

I'm running Endian Community 3.0 and I'm having trouble connecting to another net over IPsec.
Well, the tunnel is actually connecting but I'm not able to ping anything on the other side. I'm assuming that there's a problem with the NAT I configured. The nets that should be connected are 10.10.0.0/24 (my side) and 172.25.99.0/24.
I configured the following NAT rule:

Source NAT
Source:        Network/IP 10.10.0.0/16
Destination:  Network/IP 10.10.0.0/24
Service/Port: ANY/ANY
NAT to source address Auto

Maybe someone can point me to where I'm wrong? Help is much appreciated.

Thanks in advance.
Logged
Dark-Vex
Sr. Member
****
Offline Offline

Posts: 105


« Reply #1 on: Monday 16 October 2017, 06:12:14 pm »

Hi,
why you have setup this Source NAT rule?  for the IPSec tunnel is not necessary.
If you cannot reach the other side maybe the tunnel is not properly established, could you please try from SSH to run the following command in order to see if the IPSec tunnel is up?

ipsec statusall

Bye
Daniele
Logged
JEK
Jr. Member
*
Offline Offline

Posts: 3


« Reply #2 on: Friday 10 November 2017, 01:26:18 am »

Hi,

I would really like to do that but I'm not sure how to connect to the system via SSH. I have credentials for the login to the web interface but these do not work for SSH.

Regards
Logged
Dark-Vex
Sr. Member
****
Offline Offline

Posts: 105


« Reply #3 on: Monday 13 November 2017, 07:07:18 pm »

You can use on Windows the software Putty for connect to the firewall, the username for access to the system is "root" and the password that you have set
Logged
JEK
Jr. Member
*
Offline Offline

Posts: 3


« Reply #4 on: Tuesday 14 November 2017, 07:47:06 pm »

Ok. My fault. I must have mistyped my password...

The status of the tunnel is CONNECTING. But that's just because it gets disconnected after a few hours of not using it. If someone from the other side of the tunnel is pinging something on my side the tunnel establishes and they can reach my net.
But it's not working from my side. So I was assuming it has to have something to do with my NAT.

Just to be sure it's clear what I'm trying to do. My net is 10.10.0.0/16. I'm trying to connect to the net 172.25.99.0/24 through IPSEC. I was thinking that I need to configure NAT on my side from 10.10.0.0/16 to 10.10.0.0/24 to get this working.

Regards
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.078 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com