XP builtin IPSEC can ping / can't telnet

bob

I have an IP Security Policy set up on my XP Professional machine. It sets up
a VPN Tunnel using a preshared key. Now, I can ping any machine on the
remote network (192.168.1.0 subnet) just fine through the tunnel. I cannot
telnet, ftp or connect to http.

Also, the Windows XP firewall has been turned off. I confirm this by having
www.grc.com do a shields up test on my computer. I'm using no 3rd party
firewall stuff.

If I use SSH Sentinel, I can do everything just fine (firewall on or off).
\\192.168.1.5 (mount shared drives over tcp) and http://192.168.1.1 (zywall
web config) etc.. etc. So, what's with the builtin IPSEC? It's connected
since I can ping 192.168.1.5 (or any other computer on the remote LAN) but
it won't let me \\192.168.1.5

It's a Zywall 10 II that I'm VPNing into. Its FAQ says that Windows 2000
IPSEC should work. One of my guesses is that maybe SSH Sentinel
automatically lowers the MTU to an acceptable size like 1200 or something..
and WinXP doesn't know to do that. I'm encrypting with SHA-1 and 3DES. The
Zywall log shows that a functioning IPSEC Tunnel is set up when I connect
with the Windows XP IPSEC.

My computer at home (also XP Pro) is connected by ethernet cable to a
RoadRunner Cablemodem. But, I've done the SSH Sentinel VPN from coffeehouses
with my laptop and it works perfect. On both computers in all scenarios
(direct connect to internet or behind NAT), I can only ping using winXP
builtin IPSEC.

Who has experienced this? I'm in the process of squishing down the MTU..
but.. no luck yet. I found that the maximum packet size I can ping with
through the VPN is 1415 so I set MTU to 1400.. reset network still didn't
work. Rebooted to make sure MTU change stuck... still didn't work. Thanks
for any help.

Please respond publicly to the newsgroup so the solution will be preserved
by the almighty google.

bob

also,

Since SSH Sentinel uses PMTU discovery, I thought maybe enabling it would
help. So I gave the following key a DWORD of 1:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parametes\EnablePMTUDiscovery

After rebooting, that did no good. SSH Sentinel isn't doing anything else
exceptional. There is no Virtual IP address. hmm...
 
