Print | Rate this content

HP Office Connect Gigabit VPN Firewall - Cannot ping remote private network across site-to-site VPN from diagnostic tool on Web UI

3Com Knowledgebase Article

Title:

HP Office Connect Gigabit VPN Firewall - Cannot ping remote private network across site-to-site VPN from diagnostic tool on Web UI

SoftwareFirmware Version:

Version 1.0.8

Version 1.0.9

Version 1.0.10

Version 1.0.11

Product:

3CREVF100-73 - Office Connect VPN Firewall

Fix:

There is no solution at this time to be able to ping an address of the remote private network using the Diagnostic Ping.

Symptom:

Site-to-site VPN tunnel is established but the remote private gateway address or devices on the remote private network do not respond to pings from diagnostic tool on Web UI

Site-to-site VPN tunnel is established and clients on private networks can ping and access each others private subnets

Sniffer trace of the WAN interface shows the Source IP address of the ping as the IP address of the WAN interface.

Cause:

The Web UI Diagnostic ping will default to use as its source IP address the outbound interface. As an example, if LAN 3 IP address is 192.168.1.1 and WAN2 IP address is 172.16.1.1 and the goal was to ping the IP address 192.168.20.1 that is accessible via the site-to-site VPN tunnel outbound via interface WAN2, the source IP address used for the ICMP echo would be 172.16.1.1; this being the outbound interface IP address. The appropriate source for this scenario should have been 192.168.1.1

Provide feedback

Please rate the information on this page to help us improve our content. Thank you!