On freshly installed openSUSE 11.2 vpnc was working fine abroad, now back home it is getting no reponse from target. I cannot solve the issue-I am quite new to linux.
morgz wrote:
> On freshly installed openSUSE 11.2 vpnc was working fine abroad, now
> back home it is getting no reponse from target. I cannot solve the
> issue-I am quite new to linux.
first: welcome to Linux…hang on! it is not always simple:
many other voids in the info you provided makes understanding your
exact problem difficult to troubleshoot …
what might cause “no response”? (knock wasn’t received, or bad pass?
route down? not actually sending the knock outside your machine? or
other?)
what is different between ‘abroad’ and ‘home’?
ISP?
router?
IP?
default route?
firewall?
DNS?
proxy?
wireless vs wired?
etc?
and, if any of those things are different, maybe you have to adjust
your setup to accommodate the change??
may i ask if you were able to browse ‘abroad’, and can you still at
‘home’…
can you ping the “target”? are you sure the “target” is still alive on
the net? are you certain that all the data in your vpnc config is
still current?
etc…that is, do you think it is an openSUSE problem or might you
be better served in a Cisco forum, maybe? *
–
palladium
*
Hello and thank you for the reply.
ISP, IP, and router are different.
How do you mean change set up?
I had to alter nameserver of resolv.conf just to get on the net here. I thought this was the problem.
Yes I can ping the target.
I have considered the possibility of a deactivation of my vpn over the new year and will enquire asap.
will keep at it
thanks;
morgz wrote:
> How do you mean change set up?
well, i was not completely sure if you were getting on the net at all,
so i didn’t know which to ‘attack’ first (getting on the net or
getting the ‘target’ to respond)…now that that is known, that
removes that question…
now, maybe you can look at your vpnc manual…you should have one on
board at “man vpnc” or look here: http://linux.die.net/man/8/vpnc
which tells me one (or both) of these files:
/etc/vpnc/default.conf
/etc/vpnc.conf
contains the ‘secrets’ your target will respond to…
but, read on:
> I have considered the possibility of a deactivation of my vpn over the
when you do make sure to ask if the ‘target’ is behind a
firewall/whatever that may have been instructed to let your ‘abroad’
IP range get through…but, maybe it is set to DROP your current IP on
the floor and never even deliver it to the ‘target’ in the first place
(which makes it REAL hard to get ‘target’ to reply)…
and, while waiting for their response to will-the-firewall-let-me-in,
you might try at a command line:
sudo /usr/sbin/traceroute ‘target’ IP]
then give your root password when asked (you will not see what you
type) and hit enter
and the traceroute program will show you each hop from your machine to
wherever it ends…sometimes a switch between you and the target goes
crazy and won’t pass you on…that usually solves itself…but, if
you are getting to the target IP and then being ignored (and if your
‘secrets’ are still right) then you have a problem i can’t solve…
more likely i reckon you are not getting all the way to the target…
> thanks;
-welcome- and let us know how you get on…
–
palladium
Thanks again
Ok sudo tracecommand
hoppped from here to the domain I want (the first 6 IP digits)
in the first three steps
the remainder 27 steps appeared as * * * and that is all.
My secrets are still correct.
I wonder if I am to close to the target (ie:the DNS is the first six as above)
I will check out cisco forum as you suggested.
regards
Fixed now.
vpnc was using the wrong route to the target-
morgz wrote:
> Fixed now.
> vpnc was using the wrong route to the target-
great…was that a setup problem on your machine due to the move
between locations?
or, what?
confirm (or not) that it wasn’t an openSUSE problem…
–
palladium