Router to router VPN tunnel not working

Discussion in 'Server Networking' started by jean declercq, Sep 22, 2005.

  1. Hello all

    first of all sorry for my bad english.

    I'm trying to set up a router to router vpn tunnel between 2 lan.
    The tunnel seems to be established, seeing the status pages of the
    routers, but I can't do anything with it, even a ping doesn't work.
    LAN A :
    192.168.1.0/24 (fixed IP)
    Dlink DI804HV
    on the PC of the Lan, the gateway is the ip of the router
    (192.168.1.155)

    LAN B :
    192.168.60.0/24
    Bewan LanBooster 2201 (witch seems to be a "french translated" Draytec
    Vigor 2600)
    gateway on the PC : 192.168.60.200 (the Bewan)

    Here are some screenshots of the status pages of the routers.
    Dlink:
    http://cjoint.com/?jwkLvlmLnu
    Bewan:
    http://cjoint.com/?jwkLYGmGu7

    From the lan A, I can't even ping the IP adress (192.168.60.200) of the
    lan B router.
    Same thing from the lan B, trying to ping the lan B router.

    On both routers, reply to ping is allowed from wan

    I've not found anything that can help me about the routers.

    Is there a possibility that my problems are from the PC's configuration
    rather than the routers configuration ?
    What can I test to found out what is going wrong ?

    Or is it possible that the routers are incompatible ?

    Many thanks for your answers.
     
    jean declercq, Sep 22, 2005
    #1
    1. Advertisements

  2. Robert L [MS-MVP] a écrit sur
    microsoft.public.windows.server.networking le 22/09/2005 dans
    Hello

    Thanks for the reply

    I have a log (well, a part of) for the connection (on the Dlink side)
    with the Bewan

    11:39:29 IKE Phase2 (IPSEC SA) established :
    [192.168.60.0|86.192.218.10]<->[83.196.213.47|192.168.1.0]
    11:39:29 Send IKE Q3(QHASH) : 192.168.1.0 --> 192.168.60.0
    11:39:29 Try to match ESP with MODE:Tunnel PROTOCAL:ESP-3DES AUTH:MD5
    HASH:Others PFS(Group):Group1
    11:39:29 Receive IKE Q2(QRESP) :
    [192.168.60.0|86.192.218.10]-->[83.196.213.47|192.168.1.0]
    11:39:26 Send IKE Q1(QINIT) : 192.168.1.0 --> 192.168.60.0

    The Dlink doesn't seems to log other things except for the incomming
    alerts.

    And I found nothing about that in the Bewan logs.

    All I can found in the Bewan log is when I do a ping from a PC of the
    Lan B to the Dlink:

    Local User: 192.168.60.1 -> 192.168.1.155 (ICMP) Echo
    Local User: 192.168.60.1 -> 192.168.1.155 (ICMP) Echo
    Local User: 192.168.60.1 -> 192.168.1.155 (ICMP) Echo
    Local User: 192.168.60.1 -> 192.168.1.155 (ICMP) Echo

    where 192.168.60.1 is a PC on the Lan B and 192.168.1.155 is the Ip
    adress of the Dlink on the Lan A.

    Do I have to try to log other things ?

    By the way, am I on the right newsgroup? If no, please tell me where to
    ask.
    I'm not sure if my problem is because of the routers or a wrong
    configuration of my lan (MS pcs and servers).
     
    jean declercq, Sep 22, 2005
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.