Forum Discussion

Aspirant

Aug 31, 2018

SRX 5308 Site-to-Site VPN not fully working

Hi all, New to the SRX5308 and Site-to-Site VPN. I have used the wizard and believe that I have a successful tunnel between two SRX5308. I have done nothing other than run the wizard. I can...

Troubleshooting

JamesN33

Aspirant

Sep 04, 2018

DaneA-

Thanks for your reply. Here is the info you requested..

The address ranges on both routers are different.

RouterA 192.168.70.0/24

RouterB 192.168.80.0/24

a. Yes

b. Yes

c. Yes

d. Yes

e. Each router is connected to ISP provided cable modem.

f. Firmware is current

I have also read the pages you suggested and the tunnel was created with the wizard as outlined in those pages.

Given the above facts should I be able to tracert successfully across the tunnel?

Thanks,

James

DaneA

NETGEAR Employee Retired

Sep 05, 2018

JamesN33,

Based from your answers, it seems that the VPN is all working fine.

Given the above facts should I be able to tracert successfully across the tunnel?

When connected to the VPN tunnel, it is as if you are connected within the same LAN from Site A to Site B and vice versa. Hence, tracert through the VPN tunnel will not indicate the number of hops.

Regards,

DaneA
NETGEAR Community Team

JamesN33
Aspirant
Sep 05, 2018
DaneA-

Thanks again for the reply. I am wondering if the problematic devices are being hindered but a mask issue? Both ends are /24 and I used /24 in the traffic selection in the IPsec setup. Is this correct?

Thanks,

James
- DaneA
  NETGEAR Employee Retired
  Sep 06, 2018
  JamesN33,
  
  I am wondering if the problematic devices are being hindered but a mask issue?
  
  You may check the VPN Logs. Kindly refer to pages 339-443 on the SRX5308 user manual here about IPSec VPN Logs.
  
  Both ends are /24 and I used /24 in the traffic selection in the IPsec setup. Is this correct?
  
  Yes, this is correct.
  
  Regards,
  
  DaneA
  NETGEAR Community Team
  - JamesN33
    Aspirant
    Sep 06, 2018
    DaneA-
    
    I have read all the recommended pages and still have a few questions..
    
    1. At the risk of sounding stupid, how do I view the firewall logs? Under Monitoring/Firewall Logs & Email/View Log I can see a log but it does not appear to contain any firewall related entries.
    
    2. I have noticed that when using the Monitoring/Diagnostics and using ping though tunnel that pings fail to some devices. From a command prompt however all devices across the tunnel respond to pings. What might explain this discrepancy?
    
    Thanks again,
    
    James

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

Learn More

Forum Discussion

SRX 5308 Site-to-Site VPN not fully working

Related Content

PR60X Site to Site IPSEC Site to Site VPN frequently drops and will not restart automatically

R6220 Supports Site-to-Site VPN?

IPSec site to site Verbindung BR200 - Devices nicht erreichbar

Site to site iPSec VPN with two BR500 VPN router

IPSec site-to-site with multiple VLANS

NETGEAR Academy

ProSupport for Business