TheDurb (Aspirant)
Jul 21, 2016
Unable to navigate to LAN-WAN hosts when dialed into IPSec VPN
When dialed into an IPSec tunnel, users are not able to access WAN hosts within the same LAN such as our mail server and intranet. I believe I have a routing table issue, but I am not sure. No custom routes are defined and any that I attempt to define do not relieve the issue. Firewall rules are used to direct WAN traffic in to the appropriate host instead of classic routing. I have tried DNS host changes in the Mode Config settings, and that fixes nothing either. The current routing table is below. Note that not all WAN IPs are captured in the routing table for some reason. I have tried to add them manually to fix my problem as I mentioned with no success, so I just removed them. It does not matter which host a client tries to connect to, one that is in this table or one that is not. I also should mention that pings through the firewall never reach the host even with that security feature disabled, which makes me think again that I have a routing table problem. It is also important to note that users physically on the LAN and anonymous users have no problem accessing these hosts. Any help is appreciated!
| Interface Name | Destination | Mask | Gateway | Metric |
| --- | --- | --- | --- | --- |
| WAN1 | 64.XXX.0.1 | 255.255.255.255 | 0.0.0.0 | 0 |
| LAN | 64.XXX.XXX.XXX | 255.255.255.255 | 192.168.1.101 | 0 |
| LAN | 64.XXX.XXX.XXX | 255.255.255.255 | 192.168.1.101 | 0 |
| LAN | 64.XXX.XXX.XXX | 255.255.255.255 | 192.168.1.101 | 0 |
| LAN | 192.168.1.0 | 255.255.255.0 | 0.0.0.0 | 0 |
| WAN1 | 64.XXX.0.0 | 255.255.248.0 | 0.0.0.0 | 0 |
| WAN1 | default | 0.0.0.0 | 64.XXX.0.1 | 0 |
7 Replies
- DaneA (NETGEAR Employee Retired)
Hi TheDurb,
Welcome to the community! :)
Kindly answer the questions below:
a. Do you have a client-to-box VPN or box-to-box VPN?
b. Was it working before? If yes, are there any changes made within the settings or within the network?
c. Does it mean that you are unable to go online when you are connected via VPN?
d. What is the current firmware version of your FVS336Gv2?
I look forward to your response.
Regards,
DaneA
NETGEAR Community Team
- TheDurb (Aspirant)
Thanks for your reply! Responses are below.
a. Do you have a client-to-box VPN or box-to-box VPN? Client-to-box
b. Was it working before? If yes, are there any changes made within the settings or within the network? Yes, before I started using multiple WAN IP addresses, it worked.
c. Does it mean that you are unable to go online when you are connected via VPN? No, all internet access is functional except to those WAN hosts within this LAN.
d. What is the current firmware version of your FVS336Gv2? 3.1.1-08; I do not want to upgrade due to performance degradation as a known issue in the current version.
- DaneA (NETGEAR Employee Retired)
Hi TheDurb,
Here are my follow-up questions below:
a. Are you using a NETGEAR VPN Client software? If yes, is it the VPN Client Professional software or VPN Client Lite software?
b. What is the current version of the VPN Client software you are using?
c. Are you able to get replies when you ping the WAN hosts within the LAN while you are connected via VPN?
Regards,
DaneA
NETGEAR Community Team