Topic: IPsec/NAT not working
JEK
« on: October 12, 2017, 06:32:16 PM »

Hi,

I'm running Endian Community 3.0 and I'm having trouble connecting to another net over IPsec.
Well, the tunnel is actually connecting but I'm not able to ping anything on the other side. I'm assuming that there's a problem with the NAT I configured. The nets that should be connected are 10.10.0.0/24 (my side) and 172.25.99.0/24.
I configured the following NAT rule:

Source NAT
Source:        Network/IP 10.10.0.0/16
Destination:  Network/IP 10.10.0.0/24
Service/Port: ANY/ANY
NAT to source address Auto

Maybe someone can point me to where I'm wrong? Help is much appreciated.

Thanks in advance.
Dark-Vex
« Reply #1 on: October 16, 2017, 06:12:14 PM »

Hi,
Why have you set up this Source NAT rule? It is not necessary for the IPSec tunnel.
If you cannot reach the other side, maybe the tunnel is not properly established. Could you please try running the following command from SSH to see whether the IPSec tunnel is up?

ipsec statusall

Bye
Daniele
JEK
« Reply #2 on: November 10, 2017, 01:26:18 AM »

Hi,

I would really like to do that but I'm not sure how to connect to the system via SSH. I have credentials for the login to the web interface but these do not work for SSH.

Regards
Dark-Vex
« Reply #3 on: November 13, 2017, 07:07:18 PM »

On Windows you can use the software PuTTY to connect to the firewall. The username for access to the system is "root" and the password is the one that you have set.
JEK
« Reply #4 on: November 14, 2017, 07:47:06 PM »

Ok. My fault. I must have mistyped my password...

The status of the tunnel is CONNECTING. But that's just because it gets disconnected after a few hours of not using it. If someone from the other side of the tunnel is pinging something on my side the tunnel establishes and they can reach my net.
But it's not working from my side. So I was assuming it has to have something to do with my NAT.

Just to be sure it's clear what I'm trying to do. My net is 10.10.0.0/16. I'm trying to connect to the net 172.25.99.0/24 through IPSEC. I was thinking that I need to configure NAT on my side from 10.10.0.0/16 to 10.10.0.0/24 to get this working.

Regards
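
Added example, not part of the original thread and not Endian's own code: a small Python check of which packets the Source NAT rule quoted in the first post can match, using the networks named in the thread. The host addresses and function names are constructed for illustration, and it assumes the rule's Source and Destination fields are plain packet-match selectors.

```python
import ipaddress

# Networks named in the thread.
LOCAL_NET = ipaddress.ip_network("10.10.0.0/16")
REMOTE_NET = ipaddress.ip_network("172.25.99.0/24")

# The Source NAT rule as posted: source match and destination match.
POSTED_RULE = {
    "source": ipaddress.ip_network("10.10.0.0/16"),
    "destination": ipaddress.ip_network("10.10.0.0/24"),
}


def rule_matches(rule, src, dst):
    """True if a packet src -> dst falls inside both selectors of the rule."""
    return (ipaddress.ip_address(src) in rule["source"]
            and ipaddress.ip_address(dst) in rule["destination"])


def rule_covers_tunnel(rule, local_net, remote_net):
    """True if the rule can match any packet going local_net -> remote_net."""
    return (rule["source"].overlaps(local_net)
            and rule["destination"].overlaps(remote_net))


def audit(rule, local_net, remote_net):
    """Return findings on how the rule relates to the tunnel's two networks."""
    findings = []
    if not rule_covers_tunnel(rule, local_net, remote_net):
        findings.append("rule never matches traffic from %s to %s"
                        % (local_net, remote_net))
    if rule["destination"].overlaps(local_net):
        findings.append("rule destination %s lies inside the local net %s"
                        % (rule["destination"], local_net))
    return findings


if __name__ == "__main__":
    # Constructed sample packets (host addresses are made up for the example).
    samples = [("10.10.0.20", "172.25.99.10"),   # local host -> remote net
               ("10.10.5.7", "10.10.0.20")]      # local host -> local host
    for src, dst in samples:
        print(src, "->", dst, "matched:", rule_matches(POSTED_RULE, src, dst))
    for finding in audit(POSTED_RULE, LOCAL_NET, REMOTE_NET):
        print("finding:", finding)
```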