0

ipsec auto --status says that the connection is established:

000 #544: "VPN":4500 STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_REPLACE in 208s; newest ISAKMP; lastdpd=-1s(seq in:0 out:0); idle; import:admin initiate

But I do not see any changes in route table and the destination server does not respond to ping.

What I should check next what might be wrong? I asked from the Juniper admin and he said that tunnel is up but he cannot see the sent ping packets from us.

Kamsiinov
  • 103
  • 4
  • Could you add your conf to the question? Be sure to redact the actual IP's, – RI Swamp Yankee Aug 15 '17 at 17:00
  • version 2.0 config setup protostack=netkey nat_traversal=yes virtual_private=%v4:192.168.17.0/24 conn VPN authby=secret auto=start type=tunnel left=10.30.40.150 leftid=10.20.30.140 leftsubnet=10.30.40.0/24 leftnexthop=%defaultroute right=10.10.21.21 rightsubnet=192.168.17.0/24 rightnexthop=%defaultroute ike=aes256-sha1;modp1536 phase2=esp phase2alg=aes256-sha1 keyexchange=ike pfs=yes – Kamsiinov Aug 15 '17 at 17:09
  • Any ideas for this? Looking with tcpdump I can see that the tunnel itself is able to discuss with the other end but for example ping packets or telnet is not visible in the dump. – Kamsiinov Aug 16 '17 at 06:08

0 Answers0