I'm having a terrible time connecting two offices via vpn with IPCOP. I was successful connecting one of the offices to a netgear vpn router, but this one has frustrated me for weeks now. I would be extremely appreciative of any help. Both sides' logs verify the connection "pfg" #5: IPsec SA established". I can't ping through the tunel at all though. Below are the respective ipsec.conf files.
Thanks, Scott
LEFT: config setup interfaces="%defaultroute " klipsdebug="none" plutodebug="nat_t " plutoload=%search plutostart=%search uniqueids=yes nat_traversal=yes virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!172.16.0.0/255.255.0.0,%v4:!192.168.0.0/255.255.255.0,%v4:!172.16.5.0/255.2
conn %default keyingtries=0 disablearrivalcheck=no
conn pfg left=64.250.211.185 leftnexthop=%defaultroute leftsubnet=172.16.0.0/255.255.0.0 right=64.250.197.157 rightsubnet=172.16.5.0/255.255.255.0 rightnexthop=%defaultroute ike=3des-md5-modp1024 esp=3des-md5 pfsgroup=modp1024 ikelifetime=1h keylife=8h compress=yes dpddelay=30 dpdtimeout=120 dpdaction=restart pfs=yes authby=secret auto=start
RIGHT: config setup interfaces="%defaultroute " klipsdebug="none" plutodebug="klips " plutoload=%search plutostart=%search uniqueids=yes nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!172.16.5.0/255.255.255.0,%v4:!172.16.0.0/255.255.0.0
conn %default keyingtries=0 disablearrivalcheck=no
conn pfg right=64.250.197.157 rightnexthop=%defaultroute rightsubnet=172.16.5.0/255.255.255.0 left=64.250.211.185 leftsubnet=172.16.0.0/255.255.0.0 leftnexthop=%defaultroute ike=3des-md5-modp1024 esp=3des-md5 pfsgroup=modp1024 ikelifetime=1h keylife=1h compress=yes dpddelay=30 dpdtimeout=120 dpdaction=restart pfs=yes authby=secret auto=start