On Sun, 20 Mar 2011 00:44:40 +0100 "HADI Attila" <[email protected]> wrote:
> The VPN connection is working properly if I want to communicate > inbound the 192.168.4.0/24 subnet. > > My problem is the next: > > I would like to forward all trafic to the other side via the VPN > tunnel. > > If I set the IPSEC Policy Configuration manualy (I set 192.168.4.0/24 > to Include) I can reach the network (ping is OK),but every other > trafic going out via my local router instead of via the VPN tunel on > the other gateway. > > If I set the Obtain Topology Automatically or Tunnel All I can not > reach the 192.168.4.0/24 network. > Hi Attila, I would suggest that the Cisco gateway at the other end is not configured to allow you to forward all traffic via the tunnel. Instead it is configured to allow access only to the 192.168.4.0/24 network. You can check this by using the VPN trace utility. Setup the VPN trace utility according to the instructions at the link below. Then connect to the Cisco gateway (with Shrew configured to Tunnel All). Generate traffic by pinging the 192.168.4.0 network. Then look on the Security Associations tab of the VPN trace utility. In a correct configuration, there should be two SAs setup, one for traffic in each direction. For each ping, there should be bytes transfered in each direction. In your case, I expect you to see that there is only bytes transfered in one direction, or the SAs keep resetting because they do not successfully get negotiated. VPN trace instructions: http://www.shrew.net/support/wiki/BugReportVpnWindows _______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
