Whoops, sorry about the previous (incomplete) message.
We're trying to connect two networks with the GNAT Box VPN feature. The configuration is the following: PRO1 + PSN1 --- GB1 --- EXT1 <--- internet ---> EXT2 --- GB2 --- PRO2 PRO1 - 192.168.101.* PSN1 - 192.168.100.* EXT1 - 194.134.xxx.yyy PRO2 - 192.168.200.* EXT2 - 212.120.qqq.rrr (Our site has a PRO and PSN network, our client only has a PRO network) We created a VPN entry using AH keyed-MD5 encryption on both sides, a remote access filter for the AH protocol, and the default Pass Through filters. Then we changed the inbound Pass Through filter to accept all packets coming the other network and enabled the filter. It is now possible to access PRO1 from PRO2 and vice versa, no problems here. However it's no longer possible to access any services through NAT on EXT2 from PRO1 or PSN1 for whing no inbound tunnel is setup, like the e-mail proxy or a simple ping. The same goes for accessing EXT1 from PRO2. It's also not possible to access any machine on PSN1 from PRO2. We tried setting up a second VPN rule on GB2 for 192.168.100.0, which resulted in the following console messages: WWWadmin: Configuring VPN. key_spdadd: a SP entry exists already. The result of line 28: File exists. key_spdadd: a SP entry exists already. The result of line 34: File exists. key_add: SA already exists. The result of line 38: File exists. key_add: SA already exists. The result of line 42: File exists. And after trying to access the other network with this configuration: replay packet in IPv4 AH input: packet(SPI=4097 src=194.134.xxx.yyy dst=212.120.qqq.rrr) SA(SPI=4097 src=194.134.xxx.yyy dst=212.120.qqq.rrr) After removing the second VPN we tried setting up a static for 192.168.100.0 with gateway 192.168.101.1 which resulted in the message that GNAT Box could not locate 192.168.101.1 This seems that GNAT Box itself can communicate with the VPN, which was confirmed by pinging to a machine on PSN1 from the GB2 console (100% packet loss). My question (finally): How can I access the PSN1 network from the PRO2 network using the VPN configuration of GNAT Box ? Rik.
