Discussion stats
  • 5 replies
  • 1752 views
  • 1 kudo
  • 2 in conversation
Announcements

Top Contributors
Reply
Highlighted
Tutor

Shrew VPN Question

Shrew VPN Client:  I need guidance:

The tutorial at ShrewVpn.com offers no comments indicating which example IP addresses and FQDN's should be replaced with my own network addressing.  Using the Shrew tutorial for batum does get a successful tunnel; however nothing can pass through the tunnel; so I need to find a better example tutorial/guide.  

I have many FVS318Gs, All firewalls on computers used are off. 

Can't ping anything on the other end of the tunnel.  

 

Model: FVS318Gv2|ProSafe gigabit 8 port VPN firewall
Message 1 of 6

Accepted Solutions
Highlighted
Tutor

Re: Shrew VPN Question

Bingo:  I figured it out:

I found and reviewed a document on connecting Shrew to a Linksys:

https://www.linksys.com/us/support-article?articleNum=143689

Which says "If the VPN client is not behind a NAT, click the Client tab then select disable for the NAT Traversal option."

I set the NAT Traversal = DISABLED and that fixed the issue.

 

Nothing else in the Linksys setup applies to my Netgear FVS318Gv2.  All other settings used came from 

https://www.hackviking.com/security_and_hacks/ipsec-vpn-with-netgear-fvs318v3/

 

Thanks to everyone for the tidbits that helped find the solution. 

It's absolutely amazing to me that the Shrew Web Site doesn't offer adequate help or support in configuring their client that they hope to sell licensing for; (The Pro Version).

How can anyone make money selling tools that noone can figure out how to use!   Terrible business model.

View solution in original post

Model: FVG318v2|ProSafe 802.11g Wireless VPN Firewall 8-ports
Message 6 of 6

All Replies
Highlighted
NETGEAR Moderator

Re: Shrew VPN Question

Hi @Augello,

 

This link might help.  Also, try to delete the existing VPN/IKE policies from the FVS336Gv2 then re-create it using the VPN Wizard as well as having a whole new configuration on the Shrew Soft VPN Client software. 

 

 

Regards,


DaneA

NETGEAR Community Team

Message 2 of 6
Highlighted
Tutor

Re: Shrew VPN Question

Thanks but that is the exact document I have been using. What I do not know is which IP addresses in the document should be replaced with the actual IP addresses for my system. For example the DNS entries included in the document do not coincide with my actual DNS. I have set up my system exactly as the document is stated and it does establish a connection but it is completely unusable can't ping through it can't see anything at the other end of the tunnel.
So I'm searching for a better example to follow that more clearly stateswhich entries need to be replaced with my actual IP addresses.
Mike
Model: FVG318v2|ProSafe 802.11g Wireless VPN Firewall 8-ports
Message 3 of 6
Highlighted
NETGEAR Moderator

Re: Shrew VPN Question

@Augello,

 

I searched online and found this link.  The FVS318v3 indicated from the link is already EoL (End of Life) and possibly the Shrew Soft VPN Client software used might be an old version already but it might still help as reference guide. 

 

 

Regards,

 

DaneA

NETGEAR Community Team 

Message 4 of 6
Highlighted
Tutor

Re: Shrew VPN Question

Close but not quite there.  Once the tunnel is open :  I can't open any LAN workstation folders but can ping workstation addresses.  Yet machines from the LAN side I can open folders on the VPN Client workstation; which kind of scrambles my eggs Smiley Happy

I'll keep hacking. 

Thanks for getting back to me.  I'm closer; just not there yet.

Mike

Model: FVS318Gv2|ProSafe gigabit 8 port VPN firewall
Message 5 of 6
Highlighted
Tutor

Re: Shrew VPN Question

Bingo:  I figured it out:

I found and reviewed a document on connecting Shrew to a Linksys:

https://www.linksys.com/us/support-article?articleNum=143689

Which says "If the VPN client is not behind a NAT, click the Client tab then select disable for the NAT Traversal option."

I set the NAT Traversal = DISABLED and that fixed the issue.

 

Nothing else in the Linksys setup applies to my Netgear FVS318Gv2.  All other settings used came from 

https://www.hackviking.com/security_and_hacks/ipsec-vpn-with-netgear-fvs318v3/

 

Thanks to everyone for the tidbits that helped find the solution. 

It's absolutely amazing to me that the Shrew Web Site doesn't offer adequate help or support in configuring their client that they hope to sell licensing for; (The Pro Version).

How can anyone make money selling tools that noone can figure out how to use!   Terrible business model.

View solution in original post

Model: FVG318v2|ProSafe 802.11g Wireless VPN Firewall 8-ports
Message 6 of 6