On 02/21/2012 12:21 PM, Roper, Andrew wrote:
Is the firewall setup for Aggressive mode negotiations for that
particular tunnel?
-Andrew
-----Original Message----- From: Mach Rainer
[mailto:[email protected]] Sent: Tuesday, February 21, 2012 11:39
AM To: Roper, Andrew; '[email protected]' Subject: RE:
Problems connecting Windows7 over Broadband
Hi Andrew,
no change. The LogFile on the FW says: Feb 21 17:35:24 racoon: ERROR:
failed to begin ipsec sa negotication. Feb 21 17:35:24 racoon: ERROR:
no configuration found for 178.115.x.y. (<-- that's the IP I got from
the mobile provider) Feb 21 17:35:19 racoon: ERROR: failed to begin
ipsec sa negotication. Feb 21 17:35:19 racoon: ERROR: no
configuration found for 178.115.x.y. Feb 21 17:35:15 racoon: ERROR:
failed to begin ipsec sa negotication. Feb 21 17:35:15 racoon: ERROR:
no configuration found for 178.115.x.y. Feb 21 17:35:13 racoon:
ERROR: failed to begin ipsec sa negotication. Feb 21 17:35:13 racoon:
ERROR: no configuration found for 178.115.x.y. Feb 21 17:35:12
racoon: INFO: begin Identity Protection mode.
regards, rainer
-----Original Message----- From: [email protected]
[mailto:[email protected]] On Behalf Of Roper, Andrew
Sent: Tuesday, February 21, 2012 3:38 PM To: Mach Rainer;
'[email protected]' Subject: Re: [vpn-help] Problems
connecting Windows7 over Broadband
Rainer,
Try turning off NAT-T when using the WWAN connection.
Regards, Andrew
-----Original Message----- From: [email protected]
[mailto:[email protected]] On Behalf Of Mach Rainer
Sent: Monday, February 20, 2012 5:16 PM To:
'[email protected]' Subject: [vpn-help] Problems connecting
Windows7 over Broadband
Hi!
I installed the Shrew Soft Client (first 2.1.7 stable and now
2.2.0-b2) on my Windows 7 64 Bit Laptop and configured it to connect
to a PFSense 2.0.1 Firewall. It works fine when the laptop is
connected via LAN or via WLAN (WLAN=802.11a/b). But when the laptop
is connected via Mobile Broadband (with a SIM Card from a mobile
phone provider) the Shrew Soft Client gets connected, but I can't get
any traffic through the tunnel (e.g. ping). I tried it with different
mobile provider, no change. And I tried it also with different Mobile
Broadband Adapters (one is internal in my Laptop and I got 2 mobile
USB Adapters) -it does also not work.
But when I put the SIM Card to my IPhone and use tethering (WLAN
between Laptop and IPhone) the VPN works! So I think the problem is
not the provider.
In the archive of the mailing list I found the suggestion to disable
a virtual Adapter, but there is no unused virtual adapter (and this
should be fixed in 2.2.0)
Do you have any suggestions?
regards, rainer
Hi Rainer,
The error you see suggests a gateway end configuration issue.
Further to what Andrew said, I'd compare the log entries for successful
connections from LAN/WLAN/tether to see what is different. It is
possible that the provider uses different IP space for the WWAN
connections than it does the others, so you might need to add a
configuration for that.
Also, we've had other people on the list complain that they can't get
Shrew to work over WWAN, but I can't recall any follow-ups from them
indicating if they ever got it to work.
_______________________________________________
vpn-help mailing list
[email protected]
http://lists.shrew.net/mailman/listinfo/vpn-help
