Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Symantec SGS420 help.....

Symantec SGS420 help.....

Symantec SGS420 help.....

Hi Guys,

i have a site running 6x Symantec SGS420 vpn appliances

1 being the centre, and 5x connecting to it, all running perfect.

question is what settings do i need to make on the central unit, to let the other 5x see the ip address of the other 5x

ie, SGS Home1 connected to SGS Office
SGS Home2 connected to SGS Office
SGS Home3 connected to SGS Office
SGS Home4 connected to SGS Office
SGS Home5 connected to SGS Office

i can ping all ways but can not see SGS Home 1 from SGS Home 5

any one able to help with setting i need to do to SGS Office so i can acheive this?

thanks in advance

RE: Symantec SGS420 help.....

First the simple, but slower way.

I use RV042s, but my changes actually were out on the spoke, not the hub.

Home1 (and all the other Homes) needs to claim subnet with a mask of is at (IP address of SGS Office)

now when you ping, your PC will check to be sure that is not in the local subnet (it isn't) and send the packet to the default gateway (your VPN device)
Your vpn device will check it's list of VPN addresses and find one and send it to at the main office.
When the office gets the packet it sees a VPN of with a subnet of to send it to.
Now the packet gets to Home3 and the device on home3 want to reply The reply address is not in it's local subnet so it looks in its VPN table and finds a VPN of with a subnet of
the main office gets this packet and sees a 192.168.10 subnet with a mask of and sends it there, your Home1 device realises that this is a local IP and sends it back to your PC.

So the Linksys, Cisco, Netgear, Netopia gear I have used requires no change at the hub, but a much broader subnet at the spokes then the devices set by default. (all the Cisco gear issues a warning that is not a wise mask for but then allows it)

Faster but often more expensive, if you bought devices that allow multiple VPNs, you can configure point to point VPNs from each home to each home. My Netopia devices only allow a single VPN, so I never tried that.


I tried to remain child-like, all I achieved was childish.

Tsar of all the Rushers

RE: Symantec SGS420 help.....

Hey ya thanks for that, in the last part of you post,:

Faster but often more expensive, if you bought devices that allow multiple VPNs, you can configure point to point VPNs from each home to each home.

that would work, ach of the SGS420 i have can handle 25 VPN connections each,

i could as you said just make another one from home to home, that way it can talk directly to the network at each end, including the hub


RE: Symantec SGS420 help.....

hey ya jimbopalmer

tried making a new vpn connection to Home1 to Home5

connection comes up, as connected, and logs show connected, all good, but cant ping, no repsonse from Home5 and vise versa

using hub/spoke terminology



made another connection direct

spoke to

connected but can ping from either site?

any ideas, i read enable RIP?

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close