HPE Community
Operating System - OpenVMS
1753424 Members
4872 Online
108793 Solutions
New Discussion

Re: Ping through VPN tunnel fails

 
SOLVED
Go to solution
Doug Phillips
Trusted Contributor

‎10-24-2012 04:22 PM

‎10-24-2012 04:22 PM

Re: Ping through VPN tunnel fails 

> So, the failing pings from the remote client come from the remote's
> public IP address (e.g., 12.34.56.78) [...]

> The Alpha doesn't access the internet so there is no default route
>> [...]
>
>  Really?  And when someone like your remote client at "12.34.56.78"
> pings the VMS system, whither should the VMS system send its reply?
>
>   I'd add that default route.
>

I'll do that. In fact, I can give them the command over the phone and maybe save myself a trip. PING wasn't really my goal, it was TELNET, so we'll see if that works with a default route. 

I expected to see at least a "host unreachable" sent to the requester IP for a route problem, but I guess I expected too much. My notes say that some TELNET via VPN accessable sites don't have a default route but I'll check them.

>> > [...] What are [the Windows server's] route settings? [...]
>> 
>>    Still wondering.
>
>   Still true.  Does the Windows server have a default route?  (Or some
>other route (static or dynamic) which points back to the VPN router?)
>

I would guess that it does, but I'll look when I get there. Windows setup is a little, umm, simpler. Thanks for the input. I'll post back if setting the default route fixes my problems.


0 Kudos
Reply
Steven Schweda
Honored Contributor

‎10-24-2012 04:36 PM

‎10-24-2012 04:36 PM

Re: Ping through VPN tunnel fails

 
0 Kudos
Reply
Doug Phillips
Trusted Contributor

‎10-25-2012 08:05 AM

‎10-25-2012 08:05 AM

Re: Ping through VPN tunnel fails

Setting the default route did the trick. It looks like I'll need to do some remedial
reading.

>> I expected to see at least a "host unreachable" sent to the requester
>> IP for a route problem, but I guess I expected too much.
>
 >  The (remote client) sender _knows_ the route from _its_ end.  The
>question is how the VMS system is supposed to know where to send its
>reply.
>

I guess I don't understand everything I know about TCP/IP. RFC 792 says:
##
Addresses

      The address of the source in an echo message will be the
      destination of the echo reply message.  To form an echo reply
      message, the source and destination addresses are simply reversed,
      the type code changed to 0, and the checksum recomputed.
##

So, that's what I expected to happen.

>>  My notes say
>> that some TELNET via VPN accessable sites don't have a default route but
>> I'll check them.
>
>   I'm too simple to use dynamic routing, but I'd guess that that might
>help those who use it.  Naturally, your (invisible) notes tell me less
>than a transcript showing actual commands with their actual output.
>

:-)  my notes obviously don't tell me much, either, and to me they're visible.

>> [...] I can give them the command over the phone [...]
>
>   Yup.
>
>> [...] PING wasn't really my goal [...]
>
>   If they both time out, then the cause might be the same.

That's what I thought, too, and is why I was concentrating on PING.

> The real
>nocturnal-do-nothing dog (I claim) is the difference between the VMS
>system and the similarly situated Windows system.

Agreed, and since this is TCIP/IP V5.4 ECO2 the differences are likely
even greater.

0 Kudos
Reply
Steven Schweda
Honored Contributor

‎10-25-2012 10:50 AM

‎10-25-2012 10:50 AM

Re: Ping through VPN tunnel fails

 
0 Kudos
Reply
Doug Phillips
Trusted Contributor

‎10-25-2012 11:28 AM

‎10-25-2012 11:28 AM

Re: Ping through VPN tunnel fails

Steven, thanks for your time.

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.