Am 20.02.2010 12:55, Felix Pablo Grande schrieb: > Hi, > > i built a vpn tunnel with Shrew client and Juniper SSG-140 firewall, but > when try to do a ping with a host of the internal host of the network, i > don't receive a pong. > > In Security associations appear: > > Established - 0 > Expired - 0 > Errors - 0 > > Tunnel > > Status - Connected > Remote Host - Public IP of firewall > Transpor Used - NAT-T/ IKE | ESP > IKE fragmentation - Disabled > Dead Peer Detection - Enabled > > And the configuration is: > > n:version:2 > n:network-ike-port:500 > n:network-natt-port:4500 > n:network-natt-rate:15 > n:network-frag-size:540 > n:network-dpd-enable:1 > n:network-notify-enable:1 > n:client-banner-enable:0 > n:client-dns-used:1 > n:client-dns-auto:0 > b:auth-mutual-psk:MyPassword > n:phase1-dhgroup:2 > n:phase1-keylen:0 > n:phase1-life-secs:28800 > n:phase1-life-kbytes:0 > n:vendor-chkpt-enable:0 > n:phase2-keylen:0 > n:phase2-pfsgroup:2 > n:phase2-life-secs:3600 > n:phase2-life-kbytes:0 > n:policy-nailed:0 > n:policy-list-auto:0 > n:network-mtu-size:1380 > n:client-addr-auto:0 > s:network-host:Firewall Public IP > s:client-auto-mode:disabled > s:client-iface:virtual > s:client-ip-addr:172.16.100.169 > s:client-ip-mask:255.255.255.0 > s:network-natt-mode:enable > s:network-frag-mode:enable > s:client-dns-addr:172.16.100.2 > s:client-dns-suffix:mydomain.com > s:auth-method:mutual-psk > s:ident-client-type:ufqdn > s:ident-client-data:[email protected]<s%3aident-client-data%[email protected]> > s:ident-server-type:address > s:ident-server-data:172.16.100.169 > s:phase1-exchange:aggressive > s:phase1-cipher:des > s:phase1-hash:md5 > s:phase2-transform:des > s:phase2-hmac:md5 > s:ipcomp-transform:disabled > s:policy-list-include:172.16.100.0 / 255.255.255.0,172.17.100.0 / > 255.255.255.0 > > Can you help me ?
Felix, please provide further debugging information collected by the shrew soft trace utility. http://www.shrew.net/support/wiki/BugReportVpnWindows Stefan -- Stefan Bauer ----------------------------------------- PGP: E80A 50D5 2D46 341C A887 F05D 5C81 5858 DCEF 8C34 -------- plzk.de - Linux - because it works ---------- _______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
