Question about PC Desktops

3 Answers

I am having problems configuring a site to site vpn on my Cisco 8xx series router. I have established the vpn using the config provided but can't talk to any computers at the other end.

Posted by on

  • henry_admin Jan 11, 2009

    I can ping my own gateway and the TIP ip address on the other side. The problem is with configuring the access lists i believe.

    I have the config's from both routers and i need a cisco expert to review it with me.


×

3 Answers

  • Level 1:

    An expert who has achieved level 1.

    Hot-Shot:

    An expert who has answered 20 questions.

    Corporal:

    An expert that has over 10 points.

    Mayor:

    An expert whose answer got voted for 2 times.

  • Contributor
  • 30 Answers

Send me the configs from both routers and I will look at it for you and advise. Sounds like an ACL issue.

Posted on May 12, 2009

  • Level 1:

    An expert who has achieved level 1.

  • Contributor
  • 1 Answer

Depending on the version of code, sometimes you have to implicitly deny the decrytped traffic. I.e the traffic is matched pre and post decryption (again, depending on code version I thiink). Also, those devices still nat the traffic if it matches the rules. So if you are patting (natting to one address with the overload command), you will need to doe it with an extended acl that "denies" the traffic first so it will not be translated. This will have to happen on both ends prior to you being able to see the result. On static nat entries, that can even be worse and there are some hairy techniques to get around this.

So make sure you are actually sending traffic by looking at the output from a "show crypto ipsec sa". If so, look at nat. My .02.

Posted on Jan 11, 2009

  • Level 1:

    An expert who has achieved level 1.

    Corporal:

    An expert that has over 10 points.

    Mayor:

    An expert whose answer got voted for 2 times.

    Problem Solver:

    An expert who has answered 5 questions.

  • Contributor
  • 13 Answers

First, check if you are able to ping the default gateway IP, then check if you have configured your NAT for inward request.

Posted on Jan 11, 2009

Add Your Answer

Uploading: 0%

my-video-file.mp4

Complete. Click "Add" to insert your video. Add

×

Loading...
Loading...

Related Questions:

3 Answers

I am not able to open badoo in UAE it is blocked. even the proxy site website http://proxysites.in/ is blocked.


Badoo is blocked in UAE as well as many proxy and vpn services. You can try Sahrzad vpn or vpn account. They work fine to open blocked sites in Dubai UAE.
VPN Account Fast and Reliable VPN Service
Sahrzad VPN The Best VPN Service to Access Blocked Sites
11_17_2014_9_51_20_am.jpg

Jul 30, 2011 | PC Desktops

Tip

How to setup VPN on a D-link Router.



Ok to Setup you VPN follow the instructions below. You can configure DI-804HV, DI-808HV, and DI-824VUP+ by web management interface. Type 192.168.0.1 (The LAN IP is 192.168.0.1 by default) in the browser, and then input user name: admin (there is no password by default) to pass authentication of web management interface. Then finish the configurations as showed below on Gateway A and Gateway B. Configurations of Gateway A 􀂾 Model: DI-804HV (DI-808HV, or DI-824VUP+) 􀂾 Firmware version: v1.40 (You can download the latest firmware on D-Link’s website.) 􀂾 WAN IP Address: 14.15.16.17 (Static IP) 􀂾 LAN IP Address: 10.5.6.1 (Subnet Mask: 255.255.255.0) 􀂾 VPN Configurations: 􀂄 Enable VPN function on Gateway A. 􀂄 Tunnel Name: toGatewayB 􀂄 VPN Method: IKE (Main mode) 􀂄 Local Subnet: 10.5.6.0 􀂄 Local Netmask: 255.255.255.0 􀂄 Remote Subnet: 172.23.9.0 􀂄 Remote Netmask: 255.255.255.0 􀂄 Remote Gateway: 22.23.24.25 􀂄 Pre-share Key: hr5xb8416aa9r6 􀂄 IKE Proposal (Please remember to add the correct proposal ID into the list of IKE Proposal Index when you finish inputting the following information.) 􀀹 Proposal Name: toGatewayB 􀀹 DH Group: Group 2 􀀹 Encryption Algorithm: 3DES 􀀹 Authentication Algorithm: SHA1 􀀹 Life Time: 28800 􀀹 Life Time Unit: Second 􀂄 IPSec Proposal (Please remember to add the correct proposal ID into the list of IKE Proposal Index when you finish inputting the following information.) 􀀹 Proposal Name: toGatewayB 􀀹 DH Group: Group 2 􀀹 Encapsulation Protocol: ESP 􀀹 Encryption Algorithm: 3DES 􀀹 Authentication Algorithm: SHA1 􀀹 Life Time: 3600 􀀹 Life Time Unit: Second 4. Verify the VPN connection Before you start to establish VPN connection between Gateway A and Gateway B, please make sure the Internet connection between Gateway A and Gateway B is workable. You can use “Ping Test” tool on Gateway A (or Gateway B), and input the IP address of Gateway B (or Gateway A) to see if there is any response from its peer device. Connect a PC (called PC_A) to the LAN port of Gateway A, and connect another PC (called PC_B) to the LAN port of Gateway B. Start to “Ping” PC_B on PC_A, then Gateway A will start to establish IPSec connection with Gateway B. If you can get “Ping” responses from PC_B on PC_A, then it means the tunnel has been established successfully. You can also check the “VPN Status” page with web management interface to verify the status of VPN connections. Figure 1: VPN status of Gateway A after IPSec connection has been established. Figure 2: VPN status of Gateway B after IPSec connection has been established.
Hope this helps
Here it is in PDF.http://www.vpnc.org/InteropProfiles/D-Link-DI.pdf






on Feb 11, 2010 | PC Desktops

1 Answer

I can get on yahoo email account but cannot connect to yahoo messenger. I receive message that my yahoo virtual IP server failed. What can I do to use yahoo messenger?


You shouldn't have a virtual ip number unless you're using a VPN to connect to the net. Check your firewalls, router, anti-virus and make sure the port yahoo msg uses isn't blocked. Yahoo messenger support site should tell you what the port address is that needs to be opened to use it. TYpically they are not blocked but a firewall or other, like router or anti-virus may be configured to block the port,.

Jul 06, 2011 | PC Desktops

1 Answer

I dont know my wpa key to get online


Use an Ethernet cable between the network-port on your computer and one of the LAN ports on your wireless router.

Start Internet Explorer.
Connect to the web-server "inside" the router.
Run the "Wireless Networking Setup Wizard", to establish an SSID, choose an encryption-level (use 'WPA'), and to establish a password/pass-phrase/network-key.

Use the SSID and the password to connect to your newly-configured wireless network.

Sep 24, 2010 | PC Desktops

3 Answers

Router / switch


For your type of varity the ideal harware would be a router. Preferably netgear.

May 30, 2009 | PC Desktops

2 Answers

Cisco VPN Client Error


Hello
Try to switch off the Cisco VPN Stateful firewall.

Apr 19, 2009 | PC Desktops

2 Answers

Speedtouch 585V6, mapping ports doesn't seem to work properly. I need port 343 mapped for my work vpn, done it on other brands of router but this one is getting the better of me, as it disconnects from...


Hi,
connect to webmanagement via internet explorer http://192.168.1.254
Click on Toolbox
then Game & Application Sharing
Click on Configure at the top
Use UPnP or Create custome port.

I have a THOMSON TG585 v7 or may not be the same.
Hope this helps.

Jun 08, 2008 | PC Desktops

2 Answers

One computer on network can't open internet pages


Try resetting the modem. It may be the Modem has to re-assign an appropriate ip address to your desktop.

Apr 01, 2008 | PC Desktops

Not finding what you are looking for?
PC Desktops Logo

Related Topics:

85 people viewed this question

Ask a Question

Usually answered in minutes!

Top PC Desktops Experts

joecoolvette
joecoolvette

Level 3 Expert

5660 Answers

Brian Sullivan
Brian Sullivan

Level 3 Expert

27725 Answers

Les Dickinson
Les Dickinson

Level 3 Expert

18297 Answers

Are you a PC Desktop Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

Loading...