Results 1 to 5 of 5
  1. #1
    Untanglit
    Join Date
    Jul 2016
    Location
    St. Louis, MO
    Posts
    15

    Default unable to ping across tunnel

    I setup two untangles for ipsec tunnels. Currently the tunnel is "Active", but when i try to ping my equipment on the other end, I get nothing. I followed the webinar and no success. Do i need additional NAT rules?

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,088

    Default

    No NAT rules are required, if the tunnel is configured properly you can pass traffic, if it is not it won't pass anything.

    What are you pinging? Because the Windows firewall by default is in the way, I'd test by pinging the far side Untangle's LAN IP address first.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Newbie
    Join Date
    Feb 2019
    Posts
    11

    Default

    Quote Originally Posted by turbochardged View Post
    I setup two untangles for ipsec tunnels. Currently the tunnel is "Active", but when i try to ping my equipment on the other end, I get nothing. I followed the webinar and no success. Do i need additional NAT rules?
    Have you set up rules to tell the Untangle to use the tunnel for the remote IP address ranges?

    Also, running a traceroute may be more insightful as it will confirm if the tunnel is being used or not.
    Last edited by jakethecatuk; 02-19-2019 at 12:49 PM.

  4. #4
    Untanglit
    Join Date
    Jul 2016
    Location
    St. Louis, MO
    Posts
    15

    Default

    Quote Originally Posted by jakethecatuk View Post
    Have you set up rules to tell the Untangle to use the tunnel for the remote IP address ranges?

    Also, running a traceroute may be more insightful as it will confirm if the tunnel is being used or not.
    nope, i wasn't sure if it did it for me. What rules do i set?

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,088

    Default

    Quote Originally Posted by jakethecatuk View Post
    Have you set up rules to tell the Untangle to use the tunnel for the remote IP address ranges?

    Also, running a traceroute may be more insightful as it will confirm if the tunnel is being used or not.
    Umm... no... That's not how this works.

    To the OP, look at the IPSec Tunnels tab in your IPsec VPN module. Each tunnel item lists external IP, remote host IP, local network, and remote network. Those local and remote network ranges are what build the routing table for the nearest network on the far side of the tunnel. The only reason you'd need to make any routes beyond that would be to enable communications for networks beyond the VPN.

    If the tunnel is configured correctly, the listed subnets in the tunnel can talk to each other. If they cannot, then something is configured incorrectly with the tunnel itself.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2