While WinGate VPN has been designed to be easy to install and configure, there will be occasions where you might encounter problems with VPN functionality.
Basic troubleshooting steps are:
This step requires an active Internet connection, and a running Master Node server set to host a VPN. The Master Node server must be able to receive connections on the port used by the VPN Service (Default 809) from the Internet. If the connection can be successfully established, the two VPN Nodes can exchange control information. This known as the control connection and uses TCP. You can see a successfully connected VPN in the VPN panel, located in the Monitoring section of the WinGate Management console.
If the connection can't be established, then it maybe that the Master Node server is located behind a NAT Internet Router. If this is the case, you may need configure the ports on the Router to allow incoming VPN traffic, and have it redirected to the server.
This problem is most common in scenarios where two VPN Nodes that have connected to a hosted VPN are using the same private IP address range.
For example, if the Master Node is on a subnet address range of 192.168.6.***, and a joining VPN Client Node LAN has a subnet address range of 192.168.6.***, then neither end will be able to determine where to send a packet for a machine with the IP address 192.168.6.10, as it could be on either end.
We recommend that each VPN Node (and it's network) use a distinct IP address subnet range.
Do this by attempting to ping the LAN IP address of the Master Node machine from the VPN Client Node machine, and vice versa.
If the ping succeeds the data channel is operational. If it fails, there could be an issue with routing since the reply packets aren't being sent back. Often the cause is an intermediary NAT device such as a router(with firewall) that may hinder this communication. See Port Forwarding section)
If the ping is successful but your VPN participants are still showing up as not accessible, your problem is either with browsing or with the set up of the VPN Participant machines.
VPN Participant machines behind each VPN Node, must believe they can get to the machines on the other networks. This means that either they use their default gateway to get to these machines, or they must have specific routes configured. Otherwise they will refuse to send a packet back, even if they receive one.
©2012 Qbik New Zealand Limited
no comments yet...
You can use basic Full-Text Searches against the page title and body to find matching articles. Use the following search modifiers to refine your query:
You can create a new account or reset your password at forum.wingate.com.