> > > > -----Original Message----- From: vpn-help-bounces@... > > [mailto:vpn-help-bounces@...] On Behalf Of Mach Rainer > > Sent: Monday, February 20, 2012 5:16 PM To: > > 'vpn-help@...' Subject: [vpn-help] Problems connecting > > Windows7 over Broadband > > > > Hi! > > > > I installed the Shrew Soft Client (first 2.1.7 stable and now > > 2.2.0-b2) on my Windows 7 64 Bit Laptop and configured it to connect > > to a PFSense 2.0.1 Firewall. It works fine when the laptop is > > connected via LAN or via WLAN (WLAN=802.11a/b). But when the laptop > > is connected via Mobile Broadband (with a SIM Card from a mobile > > phone provider) the Shrew Soft Client gets connected, but I can't get > > any traffic through the tunnel (e.g. ping). I tried it with different > > mobile provider, no change. And I tried it also with different Mobile > > Broadband Adapters (one is internal in my Laptop and I got 2 mobile > > USB Adapters) -it does also not work. > > > > But when I put the SIM Card to my IPhone and use tethering (WLAN > > between Laptop and IPhone) the VPN works! So I think the problem is > > not the provider. > > > > In the archive of the mailing list I found the suggestion to disable > > a virtual Adapter, but there is no unused virtual adapter (and this > > should be fixed in 2.2.0) > > > > Do you have any suggestions? > > > > regards, rainer > > > > Hi Rainer, > > The error you see suggests a gateway end configuration issue. > > Further to what Andrew said, I'd compare the log entries for successful > connections from LAN/WLAN/tether to see what is different. It is > possible that the provider uses different IP space for the WWAN > connections than it does the others, so you might need to add a > configuration for that. > > Also, we've had other people on the list complain that they can't get > Shrew to work over WWAN, but I can't recall any follow-ups from them > indicating if they ever got it to work. >
Hi Rainer, had exactly the same issue! I could solve it with his information: https://sites.google.com/a/vorkbaard.nl/dekapitein/tech-1/how-to-set- up-ipsec-tunneling-in-pfsense-2-0-release-for-road-warriors Basically it is to change the Phase 1 settings in the Mobile Tunnel in the pfSense. There are 3 steps mainly that did it for me: -setting Policy Generation to Unique -setting Proposal Checking to Strict -setting NAT Traversal to Force The rest of the changes in Shrew VPN weren't necessary for me, that was: -I DIDN'T set NAT to "force-rfc" in Shrew connection but let it "enable" -I DIDN'T set the Policy Generation to "Unique" but let it to "auto". Everything went fine, hope it does for you! kerrbenok _______________________________________________ vpn-help mailing list [email protected] https://lists.shrew.net/mailman/listinfo/vpn-help
