NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

mossdrive's avatar
mossdrive
Aspirant
Apr 06, 2016
Solved

IPSec Issue

I have a SRX5308 and a FVS318N connected successfully via an IPSec tunnel. From the Monitoring>Diagnostics tab and I can ping the opposite gateway through the tunnel using the LAN address. I can also ping some hosts on each side of the tunnel. My issue is that some host do not respond and all I get is "Ping Failed" in red rather than the usual window showing the 4 packets transmitted and 100% packet loss or the successful ping response as the case may be. I have verified that the hosts all are set to respond to ICMP requests. The net result is I am not able to access these clients either via http, rdp etc.

I would be glad of any suggestions as to why this may be happening.

Troubleshooting
  • SamirD's avatar
    SamirD
    Apr 12, 2016

    Check the subnet masks/IP range for each side of your tunnel and make sure they match and also include the range you're trying to access.  

3 Replies

  • DaneA's avatar
    DaneA
    NETGEAR Employee Retired
    Apr 06, 2016

    Hi mossdrive,

     

    Welcome to the community! :)

     

    Kindly answer the questions below:

     

    a. Since you are able to get access on some hosts via the VPN tunnel, are there any software firewall/s or anti-virus installed on the hosts that you can't access via the VPN tunnel?  If yes, kindly try to disable or uninstall it then check if same problem occurs.

     

    b. What is the current firmware version of both SRX5308 and FVS318N?
     
    c. Is the time and date synchronized on both SRX5308 and FVS318N as well as the hosts connected in each network? 

     

    I look forward to your response.  

     

     

    Regards,

     

    DaneA

    NETGEAR Community Team 

    • mossdrive's avatar
      mossdrive
      Aspirant
      Apr 12, 2016
      DaneA wrote:

      Hi mossdrive,

       

      Welcome to the community! :)

       

      Kindly answer the questions below:

       

      a. Since you are able to get access on some hosts via the VPN tunnel, are there any software firewall/s or anti-virus installed on the hosts that you can't access via the VPN tunnel?  If yes, kindly try to disable or uninstall it then check if same problem occurs. (There are no software firewalls on the network and the issue remians when the AV is disabled)

       

      b. What is the current firmware version of both SRX5308 and FVS318N? ( v4.3.3-6 on both)
       
      c. Is the time and date synchronized on both SRX5308 and FVS318N as well as the hosts connected in each network? (All are using the same global NTP server)

       

      I look forward to your response.  

       

       

      Regards,

       

      DaneA

      NETGEAR Community Team 

       

  • SamirD's avatar
    SamirD
    Prodigy
    Apr 12, 2016

    Check the subnet masks/IP range for each side of your tunnel and make sure they match and also include the range you're trying to access.  

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More