Hi Matt, Yes I've tried defining the network as 'Tunnel All', allow 192.168.1.0/255.255.255.0 and allow 192.168.0.0/255.255.0.0 individually and none work for our primary Fortigate.
Interestingly all of the above work fine for our secondary Fortigate - please see my previous postings for the make/model/firmware of our primary/secondary Fortigates. Can you think of anything that might be configured differently on our Primary Fortigate that would always cause a 'No DHCP Response from Gateway' on Shrew everytime when the local subnet of the connecting client is 192.168.1.xxx? Many thanks again, Ben Chamberlain Swyddog Cefnogi Cymorth Technoleg Gwybodaeth a Chyfathrebiadau/Information and Communications Technology Support Officer Gwasaneth Tân ac Achub Gogledd Cymru/North Wales Fire and Rescue Service Ffôn/Telephone: 01492 564 949 Ffacs/Fax: 01492 593 956 Am archwiliad diogelwch tân yn y cartref, ffoniwch 0808 100 2863, e-bostiwch [email protected] neu ymwelwch â www.gwastan-gogcymru.org.uk. For a free home fire safety check, please call 0808 100 2863, e-mail [email protected] or visit www.nwales-fireservice.org.uk. -----Original Message----- From: Matthew Grooms [mailto:[email protected]] Sent: 16 November 2010 05:04 To: Ben Chamberlain Subject: Re: FW: RE: [vpn-help] No DHCP Response from Gateway On 11/12/2010 3:41 PM, Ben Chamberlain wrote: > Hi Matt, > > I have been able to re-create this issue consistently. > > The problem is with the local subnet. > > If you have a local 192.168.0.xxx address, everything works fine - > however if you have a local 192.168.1.xxx address the symptoms are as > described. > > What would cause this issue when all VPN traffic is tunnelled in > either case and virtual adaptors are used? > > Any pointers would be most appreciated. > > Regards, > > Ben Chamberlain > Ben, Do you have the 192.168.1.0/24 network defined in one of your policies? -Matthew ********************************************************************** Cyfrinachedd: Mae’r neges e-bost hon ac unrhyw ffeiliau a drosglwyddir gyda hi, yn breifat ac fe allent fod yn cynnwys gwybodaeth sy’n gyfrinachol neu’n gyfreithiol-freintiedig. Os byddwch yn derbyn y neges hon trwy gamgymeriad, a fyddech mor garedig â rhoi gwybod inni a chael gwared arni o’ch system ar unwaith. Ymwadiad: Fe allai e-bostio trwy’r We fod yn agored i oedi, rhyng-gipio, peidio â chyrraedd, neu newidiadau heb eu hawdurdodi. Felly, nid yw’r wybodaeth a fynegir yn y neges hon yn cael cefnogaeth GTAGC oni bai fod cynrychiolydd awdurdodedig, yn annibynnol ar yr e-bost hwn, yn hysbysu ynghylch hynny. Ni ddylid gweithredu o ddibynnu ar gynnwys yr e-bost hwn yn unig. Monitro: Bydd GTAGC yn monitro cynnwys e-byst at ddiben atal neu ddarganfod troseddau, a hynny er mwyn sicrhau diogelwch ein systemau cyfrifiadurol a gwirio cydymffurfiad â’n polisïau. Gwasanaeth Tân ac Achub Gogledd Cymru Parc Busnes Llanelwy, Sir Ddinbych. LL17 0JJ ********************************************************************** Confidentiality: This email and any files transmitted with it, are private and may contain confidential or legally privileged information. If you receive this message in error, please notify us and then immediately remove it from your system. Disclaimer: Internet email may be subject to delays, interception, non-delivery or unauthorised alterations. Therefore, information expressed in this message is not endorsed by NWFRS unless otherwise notified by an authorised representative independent of this email. No action should be taken in reliance on the content of this email. Monitoring: NWFRS monitors email traffic content for the purposes of the prevention and detection of crime, ensuring the security of our computer systems and checking compliance with our policies North Wales Fire and Rescue Service St Asaph Business Park, Denbighshire. LL17 0JJ ********************************************************************** _______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
