Archived from groups: comp.dcom.vpn (
More info?)
Thanks for responding, Helmut.
I am aware about the different subnet addresses condition. But on the
client side, i just have a public address given by the ISP, no LAN.
I guess it's more to do with NAT traversal even if my broadband modem is
supposed to be just that, a modem and not a router (it's a "blackbox"
leased by the ISP) and in that case, no NAT is needed.
The Zyxel supports it but i am not sure about the VPN client NAT-T support.
My VPN client version is exactly "IPSEC Dialup client" Safenet SoftRemote
9.2.1 (build 2)
I didn't find any parameter to tweak NAT-T on this client unlike in SSH
sentinel.
"Helmut Gaishauser" <6ofeight@web.de> a écrit dans le message de
news:Xns95A37A5D516206ofeight@ID-120281.user.dfncis.de...
> "Philippe Torres" <djeunk@club-internet.fr> schrub am 13 Nov 2004:
>
> > client : saferemote vpn client on win XP
> > server : Zyxel Zywall 50
> >
> > Connexion goes up but i just can receive ping replies from the
> > remote lan ip of the zyxel router.
> >
> > Pinging any pc on the remote network do not return any reply.
> >
> > Adding a static route on the remote lan PCs don't change anything :
> > route add <vpn client wan ip> mask 255.255.255.255 <vpn router lan
> > ip>
> >
> > Anyone met this kind of trouble ?
> >
> >
> Yep. Just up to a few minutes back, I had the same problem. But I think
> I found the solution:
>
> * the remote address has to be a subnet which is not in the
> addressrange of the destination network.
> * NAT Traversal has to be enabled, if there are some other routers in
> between (e.g. You are behind a cable/DSL-Modem with router)
> * both networks may not share the same address-range. (e.g.
> 192.168.1.0) unless NAT is setup properly. (This I am investigating
> further)
>
> HTH
>
> --
> cheers /"\ ASCII Ribbon Campaign
> hELMUT \ /
> X No HTML in
> / \ email & news