I'm trying to create a VPN connection for a family friend of mine, and so far it's not working at all.
They wanted me to hook up a connection from their office (static IP) to their home (dynamic IP), and after about two weeks of trial and error, I finally managed to get both locations to work. Both endpoints will communicate to create a connection, but when I try to ping across the VPN tunnel I can't get a response.
The response is the same when I attempt to run the terminal emulator from the home location: no response at all, though the VPN endpoints do show data transferring at each end of the tunnel.
Note: the VPN tunnel is needed for data entry from a terminal emulator to a Unix server running at the office.
Here are the details:
At home:
Internet connection type: DSL, dynamic IP
DSL modem model: zwire 1000sw series. I turned off router mode and activated bridge mode, so the Netgear router manages the internet connection.
Note: in order for the VPNs to make the connection, I have used the dyndns.org dynamic DNS service to point to the dynamic IP. I've also set up the router to renew its address on dyndns.org whenever it makes a change.
Router type: Netgear FWAG114 VPN firewall router.
I am using the VPN IPsec auto policy, which uses an IKE policy with pass-phrase keys.
1) AH is turned off
2) ESP is turned on
   a) 3DES is on, and passwords match input/output at office
   b) SHA-1 is on, and passwords match input/output at office
3) NAT is turned off
4) The IP scheme is 190.186.8.xxx
5) The subnet mask is 255.255.255.0
6) DHCP is turned on
7) DHCP relay is turned off
At the office:
Internet connection type: DSL, static IP (from a set of five)
DSL modem model: Netopia 3500 series. It is turned on to "bridge mode" but is still used to connect to the internet, so the modem has the relevant DNS information and manages the DSL connection.
Note: the office purchased an order for five IPs but they are only using two; one is for the office and the other is for the neighboring business.
Router type: Netgear FWAG114 VPN firewall router.
I am using the VPN IPsec auto policy, which uses an IKE policy with pass-phrase keys.
1) AH is turned off
2) ESP is turned on
   a) 3DES is on, and passwords match input/output at home
   b) SHA-1 is on, and passwords match input/output at home
3) NAT is turned off
4) The IP scheme is 192.20.9.xxx
5) The subnet mask is 255.255.255.0
6) DHCP is turned on, but the machines that the VPN connects to retain static IPs
7) DHCP relay is turned off
8) The Unix server at the office is connected to a switch that connects to the router.
Please help, I'm really confused why it doesn't work.
-Thanks
Allan