Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

AnsweredAssumed Answered

Cannot ping remote VPN gateway

Question asked by Brianpiraty Alexi on Aug 22, 2018
Latest reply on Aug 22, 2018 by Gomboragchaa Jamganjav

Like • Show 0 Likes0
Comment • 2

The IPsec tunnel works fine. but could not ping the remote VPN gateway, what could be the problem

No one else has this question

Outcomes

2 Replies

Danny Jung Aug 22, 2018 12:41 PM
Mark Correct
Correct Answer
The issue could be
- the remote VPN gateway requires a rule that permits echo requests (ping) from your VPN gateway
- your VPN gateway requires a rile that permits echo requests (ping) to the remote VPN gateway
- the external IP addresses of both VPN gateways are only part of the VPN encryption domain of one VPN gateway
- the external IP addresses of both VPN gateway have not been excluded from the VPN encryption domain
Like • Show 0 Likes0
Actions
Gomboragchaa Jamganjav Aug 22, 2018 5:56 PM
Mark Correct
Correct Answer
I had same issue. Our monitoring tool send ping to remote gateway always.
1. Activate ICMP Requests from Global properties.
If still same:

edit $FWDIR/lib/crypt.def file
- find #ifndef NON_VPN_TRAFFIC_RULES
add belowed config
#ifndef IPV6_FLAVOR
#define NON_VPN_TRAFFIC_RULES (dst=remote_peer_gateway_IP)
#else
#define NON_VPN_TRAFFIC_RULES 0
#endif
#endif
#endif /* __crypt_def__ */

Then install policy. After you will get direct access to remote gateway...
Like • Show 0 Likes0
Actions

Recommended Content