NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Augello's avatar
Augello
Tutor
Feb 04, 2019
Solved

Shrew VPN Question

Shrew VPN Client:  I need guidance:

The tutorial at ShrewVpn.com offers no comments indicating which example IP addresses and FQDN's should be replaced with my own network addressing.  Using the Shrew tutorial for batum does get a successful tunnel; however nothing can pass through the tunnel; so I need to find a better example tutorial/guide.  

I have many FVS318Gs, All firewalls on computers used are off. 

Can't ping anything on the other end of the tunnel.  

 

Security
Troubleshooting
  • Augello's avatar
    Augello
    Feb 06, 2019

    Bingo:  I figured it out:

    I found and reviewed a document on connecting Shrew to a Linksys:

    https://www.linksys.com/us/support-article?articleNum=143689

    Which says "If the VPN client is not behind a NAT, click the Client tab then select disable for the NAT Traversal option."

    I set the NAT Traversal = DISABLED and that fixed the issue.

     

    Nothing else in the Linksys setup applies to my Netgear FVS318Gv2.  All other settings used came from 

    https://www.hackviking.com/security_and_hacks/ipsec-vpn-with-netgear-fvs318v3/

     

    Thanks to everyone for the tidbits that helped find the solution. 

    It's absolutely amazing to me that the Shrew Web Site doesn't offer adequate help or support in configuring their client that they hope to sell licensing for; (The Pro Version).

    How can anyone make money selling tools that noone can figure out how to use!   Terrible business model.

5 Replies

Replies have been turned off for this discussion
  • DaneA's avatar
    DaneA
    NETGEAR Employee Retired
    Feb 05, 2019

    Hi Augello,

     

    This link might help.  Also, try to delete the existing VPN/IKE policies from the FVS336Gv2 then re-create it using the VPN Wizard as well as having a whole new configuration on the Shrew Soft VPN Client software. 

     

     

    Regards,


    DaneA

    NETGEAR Community Team

    • Augello's avatar
      Augello
      Tutor
      Feb 05, 2019
      Thanks but that is the exact document I have been using. What I do not know is which IP addresses in the document should be replaced with the actual IP addresses for my system. For example the DNS entries included in the document do not coincide with my actual DNS. I have set up my system exactly as the document is stated and it does establish a connection but it is completely unusable can't ping through it can't see anything at the other end of the tunnel.
      So I'm searching for a better example to follow that more clearly stateswhich entries need to be replaced with my actual IP addresses.
      Mike
      • DaneA's avatar
        DaneA
        NETGEAR Employee Retired
        Feb 05, 2019

        Augello,

         

        I searched online and found this link.  The FVS318v3 indicated from the link is already EoL (End of Life) and possibly the Shrew Soft VPN Client software used might be an old version already but it might still help as reference guide. 

         

         

        Regards,

         

        DaneA

        NETGEAR Community Team 

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More