Hi there,
We tried to set up a connection via IPSec between two networks. At the end, both of our ASGs are showing a green indicator for an established connection. We thought so.
Company A:
- ASG 220 with Firmware 7.306
- eth0 and eth1 working in bridged mode
- ASG is not the default gateway from lan to web and from web to lan
- ASG's gateway is our router, working as default gateway from lan, with IP from our internal network
- between ASG and gateway a second box works in bridged mode too
- internal network is 10.xx.yy.zz/16
- everything related to IPSec (ip 50, udp 500, udp 4500) is forwarded from our router through second box to our ASG
Company B:
- ASL on dedicated Hardware with Firmware 7.402
- works in routing mode
- ASL is set as default gateway
- dmz network is 10.aa.bb.cc/24
- IP of our ASG as optional VPN ID
Both:
- a newly created policy with PSK
- both are initiating the connection
- no routes
- no NATs or Masqs
It looks like this:
[lan] --- [ASG] --- [FW] --- [Router] --- [internet] --- [Router/Modem] --- [ASL] --- [dmz]
For testing I changed my default gateway in windows from router to our ASG and it works.
For testing if the connection between networks works fine we tried 'telnet', 'tracert', 'ping' and 'tcpdump' via console. My packets couldn't be seen on the ASL and sometimes I could see packets from the other net in my logs.
I couldn't see the bottleneck. Is it a problem related to the different versions?
We'd like to use the tunnel for accessing the mail server in B, because B provides mail services for us.
Thanks for helping.
--
Kind regards, Steffen