|
Home > Archive > VPN > July 2005 > VPN and routing between branches
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
VPN and routing between branches
|
|
| Michal Z. 2005-07-21, 7:46 am |
| Hi,
I have established a VPN between two ZyWALL 5 routers in two different
places. Both are connected to the DSL Internet connection with fixed IP
address.
My configuration looks like this:
Branch A
- ZyWALL WAN IP- xxx.xxx.xxx.86
- Key Management - IKE
- Local IP Address - 192.168.0.1 - 192.168.0.253
- Remote IP Address - 192.168.10.1 - 192.168.10.253
- Encap. - Tunnel
- IPSec Algorithm - ESP DES SHA1
- Secure Gateway Address - xx.xx.xxx.146
- Authentication Method - Pre-Shared Key
- My IP Address - 0.0.0.0
Branch B
- ZyWALL WAN IP- xxx.xxx.xxx.86
- Key Management - IKE
- Local IP Address - 192.168.10.1 - 192.168.10.253
- Remote IP Address - 192.168.0.1 - 192.168.0.253
- Encap. - Tunnel
- IPSec Algorithm - ESP DES SHA1
- Secure Gateway Address - xx.xx.xxx.86
- Authentication Method - Pre-Shared Key
- My IP Address - 0.0.0.0
I can see that the tunnel between branches is established with success, but
cannot reach (i.e. ping) hosts from A to B and opposite.
Why is that?
For any help thanks in advance
With best regards
Mike
| |
|
| On Thu, 21 Jul 2005 11:00:08 +0200, "Michal Z." <info@soft-m.com.pl> wrote:
-Hi,
-I have established a VPN between two ZyWALL 5 routers in two different
-places. Both are connected to the DSL Internet connection with fixed IP
-address.
-
-My configuration looks like this:
-
-Branch A
-- ZyWALL WAN IP- xxx.xxx.xxx.86
-- Key Management - IKE
-- Local IP Address - 192.168.0.1 - 192.168.0.253
-- Remote IP Address - 192.168.10.1 - 192.168.10.253
-- Encap. - Tunnel
-- IPSec Algorithm - ESP DES SHA1
-- Secure Gateway Address - xx.xx.xxx.146
-- Authentication Method - Pre-Shared Key
-- My IP Address - 0.0.0.0
-
-Branch B
-- ZyWALL WAN IP- xxx.xxx.xxx.86
-- Key Management - IKE
-- Local IP Address - 192.168.10.1 - 192.168.10.253
-- Remote IP Address - 192.168.0.1 - 192.168.0.253
-- Encap. - Tunnel
-- IPSec Algorithm - ESP DES SHA1
-- Secure Gateway Address - xx.xx.xxx.86
-- Authentication Method - Pre-Shared Key
-- My IP Address - 0.0.0.0
-
Was it a typo, or do you really have .86 as the address of the Wan and gateway
on Branch B? If the latter, then make the WAN IP .146 for starters.
When I setup a Zywall, I used the remote IP subnet, not range ie 192.168.10.0
and 255.255.255.0 I also used MD5 not SHA1.... hth
-Rob
robatwork at mail dot com
| |
| Michal Z. 2005-07-21, 5:48 pm |
| Hi,
I manged tis problem and suceed! It was the matter of upgrading firmwares.
In fact I made a mistake in WAN IP in Branch B
Best regards
Mike
|
|
|
|
|