Please help BEFSX41 to BEFSX41 VPN connects, no shares

[digitaldave1984]

I really really need some help here. Thinking that 2 hardware endpoints would be a slam dunk, I put a Linksys BEFSX41 vpn endpoint at both(3) sides. The short story, I get a connect, not able to ping the remote PCs, and can not see them at all from either end. The long story (settings) follows:
3 Lans, all called home
Office: SprintDSL, dynamic IP, Earthlink ISP w/PPoE, DynDNS for IP update. Zytel 645 modem set in bridge mode, Linksys handling PPoE. Per Sprint & Earthlink, IPsec is passed and VPN is OK. LAN IP 192.168.2.nnn Router setting: 192.168.2.1
Home 1: Cox Cable modem, LAN IP 192.168.1.nnn Router 192.168.1.1
Home 2: GTE/Verizon, LAN IP 192.168.0.nnn Router 192.168.0.1
Common settings for Routers/VPN: Firewall disabled, Block WAN requests disabled, VPN tunnel 1 enabled, all sites, tunnel 2 alsoenabled at office. NETBIOS broadcast in advanced setting enabled.
VPN Office: Local secure group 192.168.2.0 Tunnel 1 Remote secure group 192.168.0.0 Tunnel 2 192.168.1.0 remote secure gateway any auth disabled encrypt disabled pfs disabled , same Pre-shared key on all 3.
VPN Home 1: local secure group 192.168.0.0 remote secure group 192.168.2.0 remote gateway IP of office (dnsupdater & pinged)
VPN Home 2: Local secure group 192.168.1.0 remote secure group 192.168.2.0 remote gateway IP of office (dnsupdater & pinged)
Both remote sites can connect to the office, though none of the shares or PCs showup, won't ping any of the IP other than the gateway IP, and can not be connected to in any manner.

I desperately would appreciate some direction. What am I missing here? One thing I have not tried is connecting to Home1 to Home2, I will do that tonight as I'd like to eliminate the Office PPoE as an issue.

Dave

 

[digitaldave1984]

Update. I set up a tunnel from home1 to home2. Same result. I get connected, but cannot see anything on the remotes. No ping, no find, etc.

 

[osellison]

HA HA Good to see you Dave, I was investigating other sources for ya.

I feel bad you haven't solved your problem yet.

Have you tried to set up a mapped drive, with a user name/password from a remote pc. I'm convinced it's not the router settings.

I'm still thinking

osellison (from broadband reports)

 

[fyrewyr]

On one machine at each side of the VPN endpoint, open a Command prompt, and type:

PING -t OtherLanMachineIP

You'll start getting a lot of "timeouts". Leave this window alone for now (when you're done, Ctrl-C will stop it).

Open another DOS prompt at both machines. Type:

ROUTE ADD OtherSubnet MASK SubnetMask LinkSysLocalGatewayIP

and tell me if your pings start working. If they do, we'll need to talk further. The route has to be correct on both sides. I didn't see your operating system, so can't advise about Kerberos (UDP), and there are a lot of finer points that I can help you with.

Also refer to this thread: thread83-492522

Let me know.

 

[alpboy]

Try this site

http://www.delilama.net

good luck

 

[bruswell]

Hello I have been watching this forum. I have the same linksys befsx41 to befsx41. They connect but cannot ping or share folders etc. Did you find a solution to your problem?

 

[markku]

Are the Gateways of the machines in LANs pointing to local Linkies?

Is the LAN IP of remote Linky pinging?

 

[bruswell]

Hello again, Let's start from the top I have befsx41 ver 1.44 Nov 02 and a befsx41 1.44 Dec 02. At my office the vpn end point:

Tunnel 1
Office/Home
Subnet 192.168.0.0
Mask 255.255.255.0
Remote Any
Rem Sec Gateway Any
3des
sha
Auto(ike)
PFS ticked
preshared key XXXXXXX
Key Life 3600

Advanced
Phase 1:
Operation mode : Main mode
Proposal 1:
Encryption : DES3DES
Authentication: MD5SHA
Group : 68-bit1024-bit
Key Lifetime : 3600 seconds

Phase 2:
Proposal : 2
Encryption : 3DES
Authentication: SHA
PFS : ON
Group: 1024-bit
Key Lifetime : 3600 seconds

Other Options:
NetBIOS broadcast
At my Home I have a xpPC connected to the BEFsx41 which end points reads:

Tunnel1
Home/Office
192.168.1.0
255.255.255.0
Remote: 192.168.0.0 Mask 255.255.255.0
Remote Gateway: isp generated
Advanced is identical to first befsx41 settings.

I can get connected, at least the log says so....but cannot ping remote pc or remote routers local ip address.

 

[fyrewyr]

While the answer could be in your post, I didn't read it closely because I want to know something else. Please open a CMD prompt (Start | Run | CMD.EXE), type ROUTE PRINT, then post the results here.

Note: I'm only interested in the routes:

192.168.1.0
and
192.168.0.0

i.e., don't include other network routes, unless you're comfortable showing those to the world at large. I'll need the routing table from a PC on BOTH sides, since either PC's route can prevent communication. If routing turns out to be a problem, which we can test PC->PC, we can discuss a better way to set up routing.

Here's an example of what I'm expecting to see:

Machine at 192.168.0.x
ROUTE PRINT
Network Dest Netmask Gateway Interface Metric
192.168.1.0 255.255.255.0 192.168.0.? 192.168.0.? 1
Default Gateway: 192.168.?

which is half (one side) of a good route. Please also include any broadcast Destinations (ending in .255).

Best,
Kirk

 

[markku]

You could try to lower your MTU settings.

The necessary tool is here:

http://www.dslreports.com/faq/578