14.5.8 Diagnosis of VPN connections, 14.6 Specific examples of connections – Lancom Systems LCOS 3.50 User Manual

LANCOM Reference Manual LCOS 3.50

Chapter 14: Virtual Private Networks—VPN

only difference is that the source and the destination networks are
swapped.

14.5.8 Diagnosis of VPN connections

If the VPN connections fail to work after the configuration of the parameters,
the following diagnostic methods can be applied:

- The command show vpn spd on the Telnet console calls up the “Security Policy Definitions”.

- Use the command show vpn sadb to access information about the negotiated “Security Associations” (SAs).

- The command trace + vpn [status, packet] calls up the status and error messages for the current VPN negotiations.

The error message “No proposal chosen” indicates a fault in the
configuration at the remote site.

The error message “No rule matched”, on the other hand, indicates a
fault in the configuration of the local gateway.

14.6 Specific examples of connections

This section covers the 4 possible types of VPN connections with concrete
examples. These 4 different connection types are categorized by the type of IP
address of the two VPN gateways:

- static/dynamic

- dynamic/static (the dynamic peer initiates the connection)

- static/dynamic (the static peer initiates the connection)

- dynamic/dynamic

There is a section for each of these types, together with a description of all
required configuration information in the familiar table form.
