VPN E-SERVER : INTERNET APPLICATIONS
Ed. 0410/10 Réf. 3EH 21000 BSAA
Debugging tools
A VPN test tool is available from the Alcatel OmniPCX Office web-based management tool (WBM) :
Management -> Manage VPN IPsec -> VPN Tunnels. It should help detecting the most frequent
problems.
If it does not help, with a "no answer from peer" message, the first ping consists in verifying the IP ad-
dresses of the IPsec peers. This is particularly true in test environments where IP addresses may be dy-
namic, requiring modifications to the IPsec configuration each time a WAN re-connection occurs. If
doubts subsist, testing this IP connectivity can be performed in different manners:
- From the Alcatel OmniPCX Office, by pinging the remote IPsec gateway address. Beware that this
may not work if the remote does not answer to pings due to some fierewall rules. This is the case
for Alcatel OmniPCX Office.
- One way to verify that the peer device’s IPsec packets reach the Alcatel OmniPCX Office system is
to disable the Ipsec service on the latter and look for traces of firewall-dropped packets with peer’s
IP address as source and UDP port 500. These traces are available from WBM home page.
To Next Page
Loading...
