Hallo,
Folgenden Konfiguration (10.70.RU2):
MacBook WLAN 172.20.70.129/23 <---> 172.20.70.1/23 (ISG-5000) 10.0.100.1/24 <----> 10.0.100.8/24 Sophos FW
VPN 172.20.1.161/23 <---> 172.20.0.1/23
Bei einem Ping von 172.20.1.161 wird die Response lt. Trace wieder über die VPN Verbindung zurückgeschickt, allerdings kommt da lt. Wireshark nichts an. Ideen ?
Danke
Henri
route get 10.0.100.8
route to: fw
destination: 10.0.0.0
mask: 255.255.0.0
gateway: 172.20.1.116
interface: ipsec0
flags: <UP,GATEWAY,DONE,STATIC,PRCLONING>
recvpipe sendpipe ssthresh rtt,msec rttvar hopcount mtu expire
0 0 0 0 0 0 1280 0
IP-Router] 2022/12/10 16:10:40,916
IP-Router Rx (ADMIN@MBM3, RtgTag: 0):
DstIP: 10.0.100.8, SrcIP: 172.20.1.116, Len: 84, DSCP: AF41 (0x22), ECT: 0, CE: 0
Prot.: ICMP (1), echo request, id: 0xd65e, seq: 0x0003
Route: BUNDLE-1 Tx (VLAN100_FWINT)
[IP-Router] 2022/12/10 16:10:40,916
IP-Router Rx (BUNDLE-1, VLAN100_FWINT, RtgTag: 0):
DstIP: 172.20.1.116, SrcIP: 10.0.100.8, Len: 84, DSCP: AF41 (0x22), ECT: 0, CE: 0
Prot.: ICMP (1), echo reply, id: 0xd65e, seq: 0x0003
Route: WAN Tx (ADMIN@MBM3)
[ICMP] 2022/12/10 16:12:07,580 [ADMIN@MBM3 (29)]
Sending ICMP: Destination unreachable (3), port unreachable (3) packet, scope global, routing tag 0:
IPv4: 172.20.70.1 -> 172.20.1.116, Total-Len: 56
ICMP: Destination unreachable (3), port unreachable (3)
IPv4: 172.20.1.116 -> 172.20.0.1, Total-Len: 76
UDP : 123 -> 123, Total-Len: 56
--> success
SA: Peer ADMIN@MBM3, IKE_SA ikev2 responder
Flags 0x0010000101010010 Server Authenticated Ready
Routing-tag 70, Com-channel 13
Dead Peer Detection 31s authentication methods: local RSA:SHA1 (1) remote RSA:SHA1 (1)
Authenticated-Encryption AES-GCM-16-256 IKE-DH-Group 31
life secs 108000 rekeying_in 94312 secs life_cnt_sec 105112 secs kb 0 byte_cnt_o 0 byte_cnt_i 0
initiator id: mbm3
src: dst: 172.20.70.129
Config Server:
Assigned IPv4 Address : 172.20.1.116
Assigned IPv4 DNS Servers : 172.20.0.1, 172.20.0.5
Assigned Split-DNS Domains : .20.172.in-addr.arpa
Local IPv4 Subnets: 172.20.0.0/15,10.0.0.0/16
VPN over WLAN - ISG5000 - Ping keine Antwort
Forum zu aktuellen Geräten der LANCOM Router/Gateway Serie
Moderator: Lancom-Systems Moderatoren
Zurück zu „Fragen zur LANCOM Systems Routern und Gateways“
Gehe zu
- Ankündigungen
- ↳ LANCOM-Forum.de Ankündigungen
- LANCOM Management Cloud (LMC)
- ↳ LANCOM Management Cloud
- LANCOM-Systems Router
- ↳ Fragen zur LANCOM Systems Routern und Gateways
- ↳ Fragen zu LANCOM UMTS/LTE Router
- ↳ Fragen zum Thema Firewall
- ↳ Fragen zum Thema VPN
- ↳ Fragen zum Thema IPv6
- ↳ Fragen zu LANCOM Systems VoIP Router
- LANCOM-Systems WLAN Controller
- ↳ Alles zum LANCOM WLC-4100, WLC-4025+, WLC-4025 und WLC-4006 WLAN-Controller
- LANCOM Systems Accesspoints, Karten und Antennen
- ↳ LANCOM Wireless aktuelle Accesspoints
- ↳ LANCOM Wireless aeltere Accesspoints
- ↳ LANCOM AirLancer
- ↳ AirLancer Extender Antennen
- LANCOM LCMS - LANCOM Management System
- ↳ LANCOM LCMS/LANtools - (LANconfig, LANmonitor, LANtracer ...)
- ↳ LANCOM Wireless ePaper
- ↳ LANCOM Large Scale Monitor (LSM) und Large Scale Rollout (LSR)
- ↳ LANCOM: LANCOM LANCAPI und CAPI Fax-Modem
- ↳ LANCOM Software-Optionen
- ↳ LANCOM "Mobile Apps"
- ↳ Alles zum LANCOM Advanced VPN Client
- LANCOM Ethernet Switches
- ↳ LANCOM "managed" Switches
- ↳ LANCOM "unmanaged" Switches
- LANCOM-Forum Allgemeines
- ↳ LANCOM-Forum.de Regeln
- ↳ LANCOM: News und Ankündigungen
- ↳ LANCOM FAQ: FAQ-Bereich
- ↳ LANCOM: Allgemeine Fragen
- ↳ LANCOM: Feature Wünsche
- ↳ LANCOM: Custom LANCOM
- Sonstiges
- ↳ Allemeine Themen
- ↳ LANCOM-Forum.de