- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Remote LAN access failure through site to site FVS336 IPsec VPN
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Remote LAN access failure through site to site FVS336 IPsec VPN
Hi,
I'm using 2 FVS336G boxes (One is FVS336G-V1 and another is FVS336G-V2) on two different remote locations for years now on.
Everything is fine.
I'm started off configuring Gateway to Gateway IPsec between those 2 locations.
I have had IPsec tunnel up and running fine.
Configuring IKE and VPN policies on each of the VPN/Firewall was pretty much easy.
However I have issues when I try accessing hosts on remote LAN.
On of the 2 LAN's is configured as subnet 172.16.1.0/24 and the other one is configured as subnet 192.168.3.1
So far a ping from any host on first LAN (172.16.1.0/24) to remote IP 192.168.3.1 (FVS336Gv2 LAN address) works fine
A ping from any host on second LAN (192.168.3.0/24) to remote IP 172.16.1.1 (FVS336Gv1 LAN address) works fine too.
Now a ping or any action from any host on first LAN (172.16.1.0/24) to remote address on LAN 192.168.3.0/24 will
the same errot from LAN 192.168.3.0/24 to LAN 172.16.1.0/24
It seems I need populate a rule somewhere but I don't have any clue how to do that
Can someone provide exemple or help ?
I don't think static route will do the trick however could someone help here please ?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Remote LAN access failure through site to site FVS336 IPsec VPN
Hi tronegeden,
Firewall rules are not meant to work on VPN connections and same as with static route. Let us isolate the problem. Kindly answer the questions below:
a. Since the VPN connection was working for years, are there any settings modified recently on either of the FVS336Gv1 and FVS336Gv2?
b. Are both locations where the FVS336Gv1 and FVS336Gv2 are deployed subscribed to the same Internet Service Provider or ISP?
c. Are there any firewall rules set on either FVS336Gv1 and FVS336Gv2?
d. What is the current firmware version of the FVS336Gv1 as well as the FVS336Gv2?
e. Have you tried to delete the exisitng IKE and VPN policies on both FVS336Gv1 and FVS336Gv2 then create a new VPN connection using the VPN Wizard?
I look forward to your response.
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Remote LAN access failure through site to site FVS336 IPsec VPN
Hi Dane
I have had a solution to the issue.
Problem was ACL blocking responses to PING test
Removed the rule and I'm good to go now
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Remote LAN access failure through site to site FVS336 IPsec VPN
Hi tronegeden,
I am glad that the issue has been resolved.
Feel free to post your future concerns here in the NETGEAR Community.
Cheers,
DaneA
NETGEAR Community Team