2007-11-28
bcolemont
Re: VPN tunnel problem, could be a bug?

Yes, I mean 6.5, and nothing comes up in the log...

Let me try to explain the problem again:


Client 1
192.168.1.1
              FW1 cluster <-- ipsec tunnel --> OtherFW <--> Server1
                                                            10.0.0.1
Client 2
192.168.1.2


If client 1 pings before the tunnel is up, he gets a route to the dark holes of the internet.

If client 2 pings when the tunnel is up, he gets a reply.

If client 1 pings again, now that the tunnel is up, he still lands in the black hole on the internet.

So client 1 is never routed correctly and client 2 is. The rules define that the whole 192.168.1.0 network may connect to 10.0.0.1.
We also tried deleting the rule and creating it again, and also tried putting client 1 specifically in a separate rule to allow it to reach 10.0.0.1, but nothing helps.
The only thing that helps is to bring down all clients in the 192.168.1.x network, reboot the FW cluster, start up the tunnel, and then bring up the clients.