URGENT: VPN help Netgear FVS338

[CoasterGuy]

I have established a VPN connection between two Netgear FVS338 VPN routers but I cannot ping anything other than the routers themselves. When I try a computer listed in the groups it times out.

I have made sure that all IP's and subnet masks are correct. Are there any additional settings I need to check?

Any ideas?

 

[DrGreen2007]

'Computer listed in the group'

What list is this and where did it come from?
Are the IP's at each network different, or the same? (ie one is 172.xx and the other is 192.xx)

 

[CoasterGuy]

In each router there is a "Group" list that is essentially a list of connect computers, devices, etc.

The local IP's are different at each end.

Site A: 192.168.1.xxx
Site B: 192.168.3.xxx

Also, I was just able to ping (Through the router's utility - not windows) from site B to A, but not the other way.

 

[RebateMonger]

You need to review your IPSec Policies. One-way pings are a common symptom indicating a Policy problem.

For a site-to-site VPN, you'd have three different Policies on each Router.

Local External IP to Remote External IP
Local LAN Subnet to Remote External IP
Local LAN Subnet to Remote LAN Subnet

You should be seeing six different Security Associations established at each router.

 

[her209]

Make sure the inside interface is not N/PATing the packets.

 

[CoasterGuy]

Just want to say thank you guys for your help.

I figured it out. I had done something very stupid.

Their subnet mask for the site was 255.255.255.192 and like an idiot I used that as their LAN sm when I needed to use 255.255.255.0.

Thanks again for all your suggestions.