Brick - Basic VPN configuration

FranzM
Member
Posts: 36
Joined: 15 Apr 2009 06:20

Post by FranzM »

Hi Everybody

Lately I had to configure a Brick so that anyone could connect to it using the ALU IPSec Client and have access to two LANs, let's say:

- 192.168.10.0/24, connected to brick's eth1 port
- 192.168.20.0/24, connected to brick's eth2 port

Also, there is a WAN connection through the eth0 port, and a direct connection to the PC with ALSMS (eth7 port).

Since I'm kind of a newbie with Bricks, I got stuck.
So far, I connected both LANs and gave eth1 the address 192.168.10.1 and eth2 192.168.20.1 respectively, but haven't applied any zone ruleset to those ports. I connected the Brick to the WAN and applied a zone ruleset that makes it possible for hosts in both LANs to reach the WAN (internet). This is actually the predefined "vpnzone" ruleset, with one line I added that enables NAT for normal (non-VPN) traffic.
Also, I created a VPN Tunnel Client Endpoint on the WAN interface and it works.

The problem is that when a host is connected through the VPN it cannot reach the LANs, nor the WAN (I set up DNS addresses and a default gateway).
I studied ALSMS Policy Guide but found no answer.
Also, I have one more question. Is it normal that hosts from both LANs can't ping Brick ports? Also, I can't ping Brick public address. Is it normal, for security purposes, or is there an option that controls it?

Thanks for help!
FranzM
mang
Member
Posts: 1
Joined: 13 May 2010 17:25

Post by mang »

Hello, I am mang. We require a local BP there to provide pricing for the upgrade and local support.
Please contact me and I will pass on your details to the local account manager here.
[url=http://in.linkedin.com/in/crossancessys ... shiagarwal
rishi agarwal]RISHI AGARWAL[/url]
-----------------------------------------------------------
mang
dash1986
Member
Posts: 8
Joined: 12 Aug 2009 03:26

Post by dash1986 »

I got into the same trouble. I have a Brick 150, and I want to use a client tunnel endpoint for remote clients.
- 172.16.0.0/24 connect to eth0
- 192.168.0.0/24 connect to eth1
Remote client in 172.16.0.0 can use ALU IPsec client to join 192.168.0.0 network.
I used default vpn_client_rules in LSMS, configured tunnel endpoint, radius service, local map addresses group = 192.168.0.100-192.168.0.200, host behind tunnel = *, .....
The configuration works, but the VPN clients are only assigned a VPN IP address and not a default gateway.
I tried to browse the policy guide but don't know how to set a default gateway address for VPN clients.
Do I have to upgrade or purchase anything?

Thanks for help!
dash1986