beautypg.com

4 establish tunnel and verify – Asus SL1000 User Manual

Page 123

background image

Internet Security Router User

’s Manual

Chapter 10. Configuring VPN

107

Figure 10.17. Extranet Example

– Inbound ACL Rule on ISR2

10.6.2.4 Establish Tunnel and Verify

„ Start continuous ping from a host on the LAN behind ISR1 to a host on the LAN behind ISR2. The first

few pings would fail. After a few seconds, The host on the LAN behind ISR1 should start getting ping
response.

„ Ping from a host on the LAN behind ISR2 to a host on the LAN behind ISR1. Ping should be

successful.

„ The ping might fail due to any of the following:

„ The IP address of the host on the LAN behind ISR2 used in the ping command may not be correct.

Check and give the correct IP address.

„ Default route is not configured for ISR1 or ISR2. Configure the default routes as necessary.
„ Firewall rules corresponding to VPN connection may not be configured properly. If any of the

network addresses is not correctly configured, correct the parameters and apply the configuration.

„ Local and remote network addresses may not be configured correctly. The network addresses used

in VPN connection rule are 192.168.11.0/255.255.255.0 and 192.168.12.0/255.255.255.0.