Hi, What the VPN Gateway ? Do you have check the log of VPN Gateway and may be need some firewall rules ?
Cheers On Sat, Feb 20, 2016 at 6:38 AM, <[email protected]> wrote: > I installed the package 'ike' from debian repositories. System is Debian > 8.3 32-bit. I successfully connect to the VPN using the client, but have no > internet connectivity, nor can I reach any machines on the VPN network. How > do I make it work? > > The log is: > config loaded for site 'remote' > attached to key daemon ... > peer configured > iskamp proposal configured > esp proposal configured > client configured > local id configured > remote id configured > pre-shared key configured > bringing up tunnel ... > network device configured > tunnel enabled > > The VPN profile: > n:version:4 > s:network-host:remote.work.com > n:network-ike-port:500 > s:client-auto-mode:pull > n:network-mtu-size:1380 > s:client-iface:virtual > n:client-addr-auto:1 > s:network-natt-mode:enable > n:network-natt-port:4500 > n:network-natt-rate:15 > s:network-frag-mode:enable > n:network-frag-size:540 > n:network-dpd-enable:1 > n:client-banner-enable:1 > n:network-notify-enable:1 > n:client-dns-used:1 > n:client-dns-auto:0 > n:client-dns-suffix-auto:0 > s:client-dns-addr:192.168.2.251,192.168.2.252 > s:client-dns-suffix:work.local > n:client-splitdns-used:1 > n:client-splitdns-auto:1 > n:client-wins-used:0 > n:client-wins-auto:1 > s:auth-method:mutual-psk-xauth > s:ident-client-type:fqdn > s:ident-server-type:any > b:auth-mutual-psk:<redacted> > s:phase1-exchange:aggressive > n:phase1-dhgroup:14 > s:phase1-cipher:aes > n:phase1-keylen:256 > s:phase1-hash:sha2-256 > n:phase1-life-secs:86400 > n:phase1-life-kbytes:0 > n:vendor-chkpt-enable:0 > s:phase2-transform:esp-aes > n:phase2-keylen:256 > s:phase2-hmac:sha2-256 > s:ipcomp-transform:disabled > n:phase2-pfsgroup:14 > n:phase2-life-secs:3600 > n:phase2-life-kbytes:0 > s:policy-level:auto > n:policy-nailed:0 > n:policy-list-auto:1 > > Routes before connecting to VPN: > $ sudo route > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use > Iface > default home.lan 0.0.0.0 UG 0 0 0 > eth0 > 192.168.1.0 * 255.255.255.0 U 0 0 0 > eth0 > > Routes after connecting to VPN (the external IP is redacted): > $ sudo route > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use > Iface > default 10.50.60.1 0.0.0.0 UG 0 0 0 > tap0 > default 192.168.1.1 0.0.0.0 UG 0 0 0 > eth0 > 10.50.60.0 * 255.255.255.0 U 0 0 0 > tap0 > <redacted> 192.168.1.1 255.255.255.255 UGH 0 0 0 > eth0 > 192.168.1.0 * 255.255.255.0 U 0 0 0 > eth0 > _______________________________________________ > vpn-help mailing list > [email protected] > https://lists.shrew.net/mailman/listinfo/vpn-help >
_______________________________________________ vpn-help mailing list [email protected] https://lists.shrew.net/mailman/listinfo/vpn-help
