This topic has been closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
Start a New Discussion
Hi,
I'm using 2 FVS336G boxes (One is FVS336G-V1 and another is FVS336G-V2) on two different remote locations for years now on.
Everything is fine.
I'm started off configuring Gateway to Gateway IPsec between those 2 locations.
I have had IPsec tunnel up and running fine.
Configuring IKE and VPN policies on each of the VPN/Firewall was pretty much easy.
However I have issues when I try accessing hosts on remote LAN.
On of the 2 LAN's is configured as subnet 172.16.1.0/24 and the other one is configured as subnet 192.168.3.1
So far a ping from any host on first LAN (172.16.1.0/24) to remote IP 192.168.3.1 (FVS336Gv2 LAN address) works fine
A ping from any host on second LAN (192.168.3.0/24) to remote IP 172.16.1.1 (FVS336Gv1 LAN address) works fine too.
Now a ping or any action from any host on first LAN (172.16.1.0/24) to remote address on LAN 192.168.3.0/24 will
the same errot from LAN 192.168.3.0/24 to LAN 172.16.1.0/24
It seems I need populate a rule somewhere but I don't have any clue how to do that
Can someone provide exemple or help ?
I don't think static route will do the trick however could someone help here please ?
Hi tronegeden,
Firewall rules are not meant to work on VPN connections and same as with static route. Let us isolate the problem. Kindly answer the questions below:
a. Since the VPN connection was working for years, are there any settings modified recently on either of the FVS336Gv1 and FVS336Gv2?
b. Are both locations where the FVS336Gv1 and FVS336Gv2 are deployed subscribed to the same Internet Service Provider or ISP?
c. Are there any firewall rules set on either FVS336Gv1 and FVS336Gv2?
d. What is the current firmware version of the FVS336Gv1 as well as the FVS336Gv2?
e. Have you tried to delete the exisitng IKE and VPN policies on both FVS336Gv1 and FVS336Gv2 then create a new VPN connection using the VPN Wizard?
I look forward to your response.
Regards,
DaneA
NETGEAR Community Team
Hi Dane
I have had a solution to the issue.
Problem was ACL blocking responses to PING test
Removed the rule and I'm good to go now
I am glad that the issue has been resolved.
Feel free to post your future concerns here in the NETGEAR Community.
Cheers,
