Ping command, Adapting the routing table, Chapter 5 – Nortel Networks 608(WL) User Manual

Chapter 5

Troubleshooting SpeedTouch™ IPSec

E-DOC-CTC-20051017-0169 v0.1

171

5.5 Pinging from the SpeedTouch™ to the remote

private network

Ping command

In order to verify that an IPSec tunnel is active, you can use the :ip debug ping CLI
command of the SpeedTouch™. With this command you are able to send ping
messages from the SpeedTouch™ to an IP address in the remote private network.

The transmission through an IPSec tunnel of messages originating from the
SpeedTouch™ requires some adaptations to the SpeedTouch™ routing table. In
general, this kind of traffic does not comply with the traffic policy of the VPN tunnel.
Therefore, some adaptations to the routing table are required, which can only be
performed via the Command Line Interface (CLI).

Adapting the routing

table

The adaptations to the routing table are made via the CLI.

Proceed as follows:

1

Add a route to the remote private network. Explicitly specify the local LAN
interface as the source interface in the route definition.

Example:

2

Set the local private IP address of the SpeedTouch™ as the primary IP address.

Example:

:ip rtadd dst 20.0.0.0/24 intf=ipsec0 srcintf=lan1

:ip ipconfig addr=10.0.0.254 primary=enabled