Networking

Ask Computer Networking Questions and Get Answers ASAP

Ask a Computer Expert,
Get an Answer ASAP!

Networking

I have established a BOVPN (branch office VPN) between my 2

Customer Question
Hello, I have established a BOVPN...
Hello,
I have established a BOVPN (branch office VPN) between my 2 watchguard XTM series fireboxes. However I can not seem to get the traffic to flow through the tunnel. Please let me know what I need to do in order to send traffic through the tunnel.
Submitted: 2 years ago.Category: Networking
Show More
Show Less
Ask Your Own Networking Question
Answered in 5 hours by:
9/8/2015
Network Technician: Pete, Networking Engineer replied 2 years ago
Pete
Pete, Networking Engineer
Category: Networking
Satisfied Customers: 18,300
Experience: CISCO Certified Networking Engineer
Verified

Hi there,

Have you restarted the Watchguard boxes at each end?

Can you ping from one site to the other?

Ask Your Own Networking Question
Customer reply replied 2 years ago

yes, many times.I also tried to create the virtual interface I had seen in the guides, but nothing. the traffic all still goes out through the normal gateway and not through the tunnel.

Network Technician: Pete, Networking Engineer replied 2 years ago

Ok, let me open this question up to the other experts for you...

Ask Your Own Networking Question
Network Technician: derrickonline, Information Technology Manager replied 2 years ago
derrickonline
derrickonline, Information Technology Manager
Category: Networking
Satisfied Customers: 979
Experience: 15 years experience in the information technology field.
Verified

Pete:

I'm going to jump in as I've worked with these boxes in the past. These are some of the easier boxes to work with. I'm not sure I totally understand what you're issue is. Are you simply stating devices in site "A" cannot communicate with devices in site "B"?

If this is the case it would be easier if we setup a remote sharing session. This does cost more money however (not my rules). Once I can see both boxes and how they're configured I'm confident we can get this squared away. Let me know if you'd like to proceed.

Ask Your Own Networking Question
Customer reply replied 2 years ago

i wish I could. however it is a medical client and I can't bring anyone else in. I can give you example IP structure so we can work through this.

Network Technician: derrickonline, Information Technology Manager replied 2 years ago

HIPAA I get it. Sure give me a sample IP structure let's see if we can't work it out!

Ask Your Own Networking Question
Customer reply replied 2 years ago

Site A Site B

Ext GW: 96.97.222.172 Ext GW: 65.66.121.177

Tunnel

10.1.170.0/24 10.1.191.0/24

Network Technician: derrickonline, Information Technology Manager replied 2 years ago

Pete:

That's not super helpful, can you grab the configuration reports and if you don't want to provide them to me, at least review them and tell me if you see any errors? If you're not sure how to get those reports, see below.

http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#en-US/bovpn/manual/bovpn_config_report_c.html

Ask Your Own Networking Question
Customer reply replied 2 years ago

*** WG Diagnostic Report for Gateway "STARR-VPN-GW-1" ***
Created On: Wed Sep 9 23:14:30 2015

[Gateway Summary]
Gateway "STARR-VPN-GW-1" contains "1" gateway endpoint(s).
Gateway Endpoint #1 (name "STARR-VPN-GW-1")
Mode: Main PFS: Disabled AlwaysUP: Disabled
DPD: Enabled Keepalive: Enabled
Local ID<->Remote ID: {IP_ADDR(95.66.161.100) <-> IP_ADDR(67.77.172.27)}
Local GW_IP<->Remote GW_IP: {95.66.161.100 <-> 67.77.172.27}
Outgoing Interface: eth0 (ifIndex=2)
ifMark=0x10000
linkStatus=2 (0:unknown, 1:down, 2:up)

[Tunnel Summary]
"1" tunnel(s) are found using the previous gateway

Name: "STARR-VPN-Tun-1"
PFS: "Disabled" DH-Group: "2"
Number of Proposals: "1"
Proposal "ESP-AES-MD5"
ESP:
EncryptAlgo: "AES" KeyLen: "32(bytes)"
AuthAlgo: "MD5"
LifeTime: "28800(seconds)" LifeByte: "128000(kbytes)"
Number of Tunnel Routes: "1"
#1
Direction: "BOTH"
"10.1.71.0/255.255.255.0<->10.1.191.0/255.255.255.0"

[Run-time Info (gateway IKE_SA)]
Name: "STARR-VPN-GW-1" (IfStatus: 0x80000002)
ISAKMP SAID: "0xc4372ec8" State: "SA Mature"
Created: Wed Sep 9 22:42:29 2015
My Address: 95.66.161.100:500 Peer Address: 67.77.172.27:500
InitCookie: "9a1b34a5bdec7e36" RespCookie: "4478460548f1954c"
LifeTime: "28797(seconds)" LifeByte: "0(kbtyes)" DPD: "Enabled"

[Run-time Info (tunnel IPSEC_SA)]
"3" IPSEC SA(s) are found
"INBOUND"
SPI: 0x68d78221 ISAKMP SA ID: 0xc4372ec8
Created on: Wed Sep 9 22:42:30 2015
Bytes Sent: "0" Packets Sent: "0"
Errors: replay: "0" replay_win: "0" integrity: "0" hw_ctx: "0"
HwCryptoCtx: currErr: "0" ctxState: "1"
Tunnel Endpoint: "67.77.172.27->95.66.161.100"
Tunnel Selector: "10.1.191.0/24 -> 10.1.71.0/24 Proto: ANY"
AUTH: "hmac(md5)" KeyLen: "16(bytes)"
CRYPT: "cbc(aes)" KeyLen: "32(bytes)"
Gateway Name: "STARR-VPN-GW-1"
Tunnel Name: "STARR-VPN-Tun-1"
Owner Id: "80B1031B3CA38"
IFMARK: "0x10000(2)" DPD: "Enabled"
Number of Rekeys: "0"
"OUTBOUND"
SPI: 0xb52633c7 ISAKMP SA ID: 0xc4372ec8
Created on: Wed Sep 9 22:42:30 2015
Bytes Sent: "0" Packets Sent: "0"
Errors: replay: "0" replay_win: "0" integrity: "0" hw_ctx: "0"
HwCryptoCtx: currErr: "0" ctxState: "1"
Tunnel Endpoint: "95.66.161.100->67.77.172.27"
Tunnel Selector: "10.1.71.0/24 -> 10.1.191.0/24 Proto: ANY"
AUTH: "hmac(md5)" KeyLen: "16(bytes)"
CRYPT: "cbc(aes)" KeyLen: "32(bytes)"
Gateway Name: "STARR-VPN-GW-1"
Tunnel Name: "STARR-VPN-Tun-1"
Owner Id: "80B1031B3CA38"
IFMARK: "0x10000(2)" DPD: "Enabled"
Number of Rekeys: "49"
"INBOUND"
SPI: 0x719122f9 ISAKMP SA ID: 0xc4372ec8
Created on: Wed Sep 9 22:41:51 2015
Bytes Sent: "0" Packets Sent: "0"
Errors: replay: "0" replay_win: "0" integrity: "0" hw_ctx: "0"
HwCryptoCtx: currErr: "0" ctxState: "1"
Tunnel Endpoint: "67.77.172.27->95.66.161.100"
Tunnel Selector: "10.1.191.0/24 -> 10.1.71.0/24 Proto: ANY"
AUTH: "hmac(md5)" KeyLen: "16(bytes)"
CRYPT: "cbc(aes)" KeyLen: "32(bytes)"
Gateway Name: "STARR-VPN-GW-1"
Tunnel Name: "STARR-VPN-Tun-1"
Owner Id: "80B1031B3CA38"
IFMARK: "0x10000(2)" DPD: "Enabled"
Number of Rekeys: "48"

[Run-time Info (tunnel IPSEC_SP)]
"1" IPSEC SP(s) are found
#1
Tunnel Endpoint: "95.66.161.100->67.77.172.27"
Tunnel Selector: 10.1.71.0/24 -> 10.1.191.0/24 Proto: ANY
Created On: Tue Sep 1 14:33:52 2015
Gateway Name: "STARR-VPN-GW-1"
Tunnel Name: "STARR-VPN-Tun-1"

[Related Logs]

Ask derrickonline Your Own Question
derrickonline
derrickonline
derrickonline, Information Technology Manager
Category: Networking
Satisfied Customers: 979
979 Satisfied Customers
Experience: 15 years experience in the information technology field.

derrickonline is online now

A new question is answered every 9 seconds

How JustAnswer works:

  • Ask an ExpertExperts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional AnswerVia email, text message, or notification as you wait on our site. Ask follow up questions if you need to.
  • 100% Satisfaction GuaranteeRate the answer you receive.

JustAnswer in the News:

Ask-a-doc Web sites: If you've got a quick question, you can try to get an answer from sites that say they have various specialists on hand to give quick answers... Justanswer.com.
JustAnswer.com...has seen a spike since October in legal questions from readers about layoffs, unemployment and severance.
Web sites like justanswer.com/legal
...leave nothing to chance.
Traffic on JustAnswer rose 14 percent...and had nearly 400,000 page views in 30 days...inquiries related to stress, high blood pressure, drinking and heart pain jumped 33 percent.
Tory Johnson, GMA Workplace Contributor, discusses work-from-home jobs, such as JustAnswer in which verified Experts answer people’s questions.
I will tell you that...the things you have to go through to be an Expert are quite rigorous.

What Customers are Saying:

I am very happy with my very fast response. Eric is very knowledgeable in the subject area. Thank you!

RPAustin, TX

My Expert answered my question promptly and he resolved the issue totally. This is a great service. I am so glad I found it I will definitely use the service again if needed.

One Happy CustomerNew York

Wonderful service, prompt, efficient, and accurate. Couldn't have asked for more. I cannot thank you enough for your help.

Mary C.Freshfield, Liverpool, UK

This expert is wonderful. They truly know what they are talking about, and they actually care about you. They really helped put my nerves at ease. Thank you so much!!!!

AlexLos Angeles, CA

Thank you for all your help. It is nice to know that this service is here for people like myself, who need answers fast and are not sure who to consult.

GPHesperia, CA

I couldn't be more satisfied! This is the site I will always come to when I need a second opinion.

JustinKernersville, NC

Just let me say that this encounter has been entirely professional and most helpful. I liked that I could ask additional questions and get answered in a very short turn around.

EstherWoodstock, NY

< Previous | Next >

Meet the Experts:

Claws224

Claws224

IEEE Network Engineer

1,256 satisfied customers

IEEE, Microsoft

Kevin

Kevin

LAN/WAN Specialist

1,165 satisfied customers

Certified MCSA and MCP Network Administrator with over 20 years of PC experience.

Byron

Byron

PC Support Tech

625 satisfied customers

CCNA, A+, MCSE 11 years at a large law firm.

Eric K.

Eric K.

Network Administrator

510 satisfied customers

13 years of desktop, server and network support experience

Mr. Clark

Mr. Clark

Network Engineer

510 satisfied customers

Computer Business Owner / Former DoD Network Specialist

Chris L.

Chris L.

Support Specialist

446 satisfied customers

Certified Networking expert with over 10 years experience.

A. Stevens

A. Stevens

Network Administrator

428 satisfied customers

10+ years of Desktop, Laptop, and Server troubleshooting and support.

< Previous | Next >

Related Networking Questions
I can not print from my IPad as of today. Yesterday it
I can not print from my IPad as of today. Yesterday it worked however my husband was having issues and no wthe message I get is that there is no air print printers found. … read more
Viet - Computer Tech
Viet - Computer Tech
Computer Technican
Bachelor\u0027s Degree
952 satisfied customers
I forgot my password for the netgear 61. I am trying to hook
I forgot my password ***** the netgear 61. I am trying to hook up a Vizio TV … read more
Ashik
Ashik
Master\u0027s Degree
5,097 satisfied customers
When I access netacad.com on my laptop, I get redirected to
When I access netacad.com on my laptop, I get redirected to this URL: https://www.netacad.com/?p_p_id=58&p_p_lifecycle=0&p_p_state=normal&saveLastPath=false&_58_struts_action=%2Flogin%2Flogin&redirect… read more
Richard
Richard
IT Manager
IT Manager, Consultant
3,208 satisfied customers
Thye hp deskjet 3520 does not connect via wifi. High sierra.
it printed once this morn but doesn't connect to both of our apples i have restarted both apple lap star restarted printer opened and reinstalled ink, unplugged router … read more
Kris R
Kris R
IT Manager
Computing
2,263 satisfied customers
How do you reboot it. 3 years? I cant connect to wireless
I cant connect to wireless Its my wifes and I dont know how to turn it off/on … read more
Viet - Computer Tech
Viet - Computer Tech
Computer Technican
Bachelor\u0027s Degree
952 satisfied customers
The following confuses me. I bought a Furbo camera to
Hi. The following confuses me. I bought a Furbo camera to monitor my puppy when I'm in different part of house or out of house. I have to link to my home wireless network or another wireless network, … read more
Richard
Richard
IT Manager
IT Manager, Consultant
3,208 satisfied customers
I'm trying to put money in my grandson's account so that he
I'm trying to put money in my grandson's account so that he can purchase a game and I am having problems … read more
Michael Hannigan
Michael Hannigan
Bachelor\u0027s Program
239 satisfied customers
I can't get Firefox to come on, so I can't get onto the
I can't get Firefox to come on, so I can't get onto the internet … read more
Jason Jones
Jason Jones
AAS Information Technology
6,316 satisfied customers
Vizio wireless router XWR100 not connecting to router software.
I have the Vizio wireless router XWR100. I can not connect to the http://vizio.home link or http://192.168.1.1 I have found that my ip address for this computer is 98.95.141.74 but I still can not con… read more
Engineer John C.
Engineer John C.
Bachelor's Degree
7,080 satisfied customers
I want to set my laptop up to wifi but I need a sucurity
I want to set my laptop up to wifi but I need a sucurity code … read more
Viet - Computer Tech
Viet - Computer Tech
Computer Technican
Bachelor\u0027s Degree
952 satisfied customers
I get a message that my computer cannot connect to my
I get a message that my computer cannot connect to my router. It was working earlier today and I cannot determine the reason I can not connect … read more
Karthik
Karthik
Senior Engineer
Bachelor of Engineering
29 satisfied customers
I have a tablet 10.1, now i hawe problems with wifi
Hello, I have a tablet 10.1, now i hawe problems with wifi conection at my home, the tablet can't find my net, my galaxy 2s hawe no problem, if i go to another net conection,with my tablet, i hawe no … read more
Jason Jones
Jason Jones
AAS Information Technology
6,316 satisfied customers
I forgot my pass word for PC. Can't access cameras on PC>
I forgot my pass word for PC. Can't access cameras on PC> … read more
arsufi2002
arsufi2002
Bachelor's Degree
322 satisfied customers
I have a wireless router (N-300) and a laptop connected...no
I have a wireless router (N-300) and a laptop connected...no problems at all. However, I just got a Nook tablet and can't connect to the wifi network...I can't remember my password (tough to get old)!… read more
sandy
sandy
Technical Specialist
B.Tech
2,670 satisfied customers
Its not my phone ,it my internet modem I have miss plast my
its not my phone ,it my internet modem I have miss plast my password ***** you help me retreieve it? … read more
Ashik
Ashik
Master\u0027s Degree
5,097 satisfied customers
I just installed SQL Server 2008 R2. The installation
I just installed SQL Server 2008 R2. The installation completed okay, but the management studio doesn't come up. What have I done wrong?… read more
Kris R
Kris R
IT Manager
Computing
2,263 satisfied customers
I need to up date but i no longer have windows. i have a
i need to up date but i no longer have windows. i have a telikin with lenix can i even update? … read more
Chris L.
Chris L.
Support Specialist
Vocational, Technical or Trade Scho
446 satisfied customers
Are you im just here to ask gow i could update my router ive
hey how are you im just here to ask gow i could update my router ive been noticing its been running very slow lately … read more
Jason Jones
Jason Jones
AAS Information Technology
6,316 satisfied customers
Disclaimer: Information in questions, answers, and other posts on this site ("Posts") comes from individual users, not JustAnswer; JustAnswer is not responsible for Posts. Posts are for general information, are not intended to substitute for informed professional advice (medical, legal, veterinary, financial, etc.), or to establish a professional-client relationship. The site and services are provided "as is" with no warranty or representations by JustAnswer regarding the qualifications of Experts. To see what credentials have been verified by a third-party service, please click on the "Verified" symbol in some Experts' profiles. JustAnswer is not intended or designed for EMERGENCY questions which should be directed immediately by telephone or in-person to qualified professionals.

Disclaimer: Information in questions, answers, and other posts on this site ("Posts") comes from individual users, not JustAnswer; JustAnswer is not responsible for Posts. Posts are for general information, are not intended to substitute for informed professional advice (medical, legal, veterinary, financial, etc.), or to establish a professional-client relationship. The site and services are provided "as is" with no warranty or representations by JustAnswer regarding the qualifications of Experts. To see what credentials have been verified by a third-party service, please click on the "Verified" symbol in some Experts' profiles. JustAnswer is not intended or designed for EMERGENCY questions which should be directed immediately by telephone or in-person to qualified professionals.

Show MoreShow Less

Ask Your Question

x