 VPN
Router Tutorial - Getting it to work with an IPSec Client Part 5:
Troubleshooting Client Connectivity Problems
The
Logs
Your number 1 buddy in diagnosing VPN
connectivity problems is 'IKE LOG WINDOW' found by right clicking
the SSH Sentinel and selecting the 'auditing' menu. Be sure to
set the log detail level to 'low'. Try to connect, then look at
the last couple of lines of data. It will give you a hint
about the problem.
Many VPN Routers have logs also that can be
checked too.
DOUBLE CHECK ALL
SETTINGS
I found that somehow or
another my settings sometimes mysteriously changed in my client
setup. Double check them ALL.
Time and Time Zones
It is very important that your computer and
VPN router have the correct time zone settings and time.
Without these, keys expiration is not handled correctly.
My remote client
is behind a router or firewall
Not all firewalls or even broadband routers
will pass IP traffic. Others require the client computer to be
in a DMZ. First look at the technical specs for the router and
make sure it specifies 'IPSec Passthrough'. If not, try
placing the client computer in the DMZ. Also, try upgrading
the firmware of your router. If neither of these work then it
might be time for a new router in the client end.
My home broadband
connection uses a dynamic IP address and I don't know what it
is.
You should use a DynamicDNS service to keep
track of your current IP address. Try DNS2GOI want to link up
two LAN's instead of going computer to lan
This requires a VPN capable broadband router
on both sides and will be covered by another tutorial later.
The remote computer is on a LAN that
has the same IP schema as my lan.
You will need to change the IP schema of one
of the LAN's. Do something like change it from
192.168.1.0/255.255.255.0 to 192.168.33.0/255.255.255.0
Do NOT write me email
with VPN questions. Use the forums.
More Help!
(outside links)
Article TOC |
|
|
If you enjoyed this tutorial, please LINK to it! |
| 
Troubleshooting VPN Problems
Menu: