GX450 VPN 2nd subnet Route

I set up an IPSec vpn however for the second subnet I cannot see traffic coming from the GX450 through the tunnel. The primary remote subnet works fine. I’ve read through the config information however have not found a solution. I’m needing the modem and the devices connected to be able to access that primary and secondary subnet.

Hi @tommyboy20021984

Can you please share your IPsec VPN configuration and log file on GX450?

General
AT VPN 1 Type Tunnel DisabledIPsec TunnelGRE TunnelOpenVPN Tunnel
AT VPN 1 Status Connected
Set VPN Policy ----
AT VPN Gateway Address 207.122.50.14
AT Pre-shared Key 1 ^^&tomMy
AT My Identity Type IP
My Identity - IP 52.183.24.203
AT Peer Identity Type IP
Peer Identity - IP 207.122.50.14
AT Negotiation Mode Main
AT IKE Encryption Algorithm AES-128
AT IKE Authentication Algorithm SHA1
AT IKE Key Group DH2
AT IKE SA Life Time 28800
AT IKE DPD Disable
AT Local Address Type Subnet Address
AT Local Address 10.10.10.0
AT Local Address - Netmask 255.255.255.0
AT Remote Address Type Subnet Address
AT Remote Address 192.168.13.128
AT Remote Address - Netmask 255.255.255.240
AT Perfect Forward Secrecy No
AT IPSec Encryption Algorithm 3DES
AT IPSec Authentication Algorithm SHA1
AT IPSec Key Group DH2
AT IPSec SA Life Time 28800

Additional Remote Subnets
Remote Subnet 2 Address Type Subnet Address
Remote Subnet 2 Address 10.10.20.0
Remote Subnet 2 Address - Netmask 255.255.255.0
Remote Subnet 3 Address Type Single Address
Remote Subnet 3 Address 0.0.0.0
Remote Subnet 3 Address - Netmask 0.0.0.0

Jul 7 18:28:54 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:28:54 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:28:54 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:28:55 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:28:55 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:28:55 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:28:57 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:28:57 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:28:57 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:28:58 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:29:17 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:29:17 alert ALEOS_SYSTEM_Embedded_Ace_Reset: Reboot issued from UI…
Jul 7 18:29:18 alert ALEOS_SYSTEM: VIN at reboot: 12.66V
Jul 7 18:29:18 alert ALEOS_SYSTEM: Uptime: 18:29:18 up 28 min, 0 users, load average: 0.62, 0.41, 0.44
Jul 7 18:29:18 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:29:18 alert ALEOS_SYSTEM: [aleosreboot] Rebooting…
Jul 7 18:29:18 notice InitNG: System is going down.
Jul 7 18:29:18 info dropbear[604]: Early exit: Terminated by signal
Jul 7 18:29:18 info dnsmasq[8720]: exiting on receipt of SIGTERM
Jul 7 18:29:18 info pppoe-server[10248]: Terminating on signal 15 – killing all PPPoE sessions
Jul 7 18:29:19 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:29:19 notice ALEOS_LAN: HPR: Disabling proxy ARP on all interfaces
Jul 7 18:29:20 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:29:25 alert ALEOS_SYSTEM: *** Start of last 50 lines in dmesg ***
Jul 7 18:29:25 notice root: [ 0.962132] Freeing init memory: 124K
Jul 7 18:29:25 notice root: [ 6.923633] yaffs: dev is 32505861 name is “mtdblock5” rw
Jul 7 18:29:25 notice root: [ 6.923721] yaffs: passed flags “”
Jul 7 18:29:25 notice root: [ 6.923737] yaffs: yaffs: Attempting MTD mount of 31.5,“mtdblock5”
Jul 7 18:29:25 notice root: [ 7.844487] yaffs: yaffs_read_super: is_checkpointed 0
Jul 7 18:29:25 notice root: [ 8.056785] ad7998 1-0021: ad7997 chip found.
Jul 7 18:29:25 notice root: [ 8.056946] ad7998 1-0021: writing configuration register: 0x02 0x0f 0xf8
Jul 7 18:29:25 notice root: [ 8.079690] ad_dpot 1-002c: ad5161 256-Position Digital Potentiometer registered
Jul 7 18:29:25 notice root: [ 10.803640] usb 1-1: new high speed USB device number 2 using pxau2h-ehci
Jul 7 18:29:25 notice root: [ 10.979541] usb 1-1: config 1 has an invalid interface number: 8 but max is 5
Jul 7 18:29:25 notice root: [ 10.979577] usb 1-1: config 1 has an invalid interface number: 10 but max is 5
Jul 7 18:29:25 notice root: [ 10.979601] usb 1-1: config 1 has an invalid interface number: 11 but max is 5
Jul 7 18:29:25 notice root: [ 10.979621] usb 1-1: config 1 has no interface number 1
Jul 7 18:29:25 notice root: [ 10.979640] usb 1-1: config 1 has no interface number 4
Jul 7 18:29:25 notice root: [ 10.979656] usb 1-1: config 1 has no interface number 5
Jul 7 18:29:25 notice root: [ 10.980325] usb 1-1: New USB device found, idVendor=1199, idProduct=68c0
Jul 7 18:29:25 notice root: [ 10.980376] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
Jul 7 18:29:25 notice root: [ 10.980398] usb 1-1: Product: MC7354
Jul 7 18:29:25 notice root: [ 10.980416] usb 1-1: Manufacturer: Sierra Wireless, Incorporated
Jul 7 18:29:25 notice root: [ 11.004458] GobiSerial 1-1:1.0: GobiSerial converter detected
Jul 7 18:29:25 notice root: [ 11.014607] usb 1-1: GobiSerial converter now attached to ttyUSB0
Jul 7 18:29:25 notice root: [ 11.027587] GobiSerial 1-1:1.2: GobiSerial converter detected
Jul 7 18:29:25 notice root: [ 11.044042] usb 1-1: GobiSerial converter now attached to ttyUSB1
Jul 7 18:29:25 notice root: [ 11.053327] GobiSerial 1-1:1.3: GobiSerial converter detected
Jul 7 18:29:25 notice root: [ 11.073557] usb 1-1: GobiSerial converter now attached to ttyUSB2
Jul 7 18:29:25 notice root: [ 11.090424] GobiNet 1-1:1.8: wwan0: register ‘GobiNet’ at usb-pxau2h-ehci-1, GobiNet Ethernet Device, :::::
Jul 7 18:29:25 notice root: [ 11.090803] RawIP mode
Jul 7 18:29:25 notice root: [ 11.101372] USB Speed : USB 2.0
Jul 7 18:29:25 notice root: [ 11.112627] GobiNet 1-1:1.10: wwan1: register ‘GobiNet’ at usb-pxau2h-ehci-1, GobiNet Ethernet Device, :::::
Jul 7 18:29:25 notice root: [ 11.112986] RawIP mode
Jul 7 18:29:25 notice root: [ 11.131050] USB Speed : USB 2.0
Jul 7 18:29:25 notice root: [ 13.184832] TE Disabled
Jul 7 18:29:25 notice root: [ 13.237833] TE Disabled
Jul 7 18:29:25 notice root: [ 13.256834] creating qcqmi0
Jul 7 18:29:25 notice root: [ 13.305834] creating qcqmi1
Jul 7 18:29:25 notice root: [ 19.521828] ADDRCONF(NETDEV_UP): br0: link is not ready
Jul 7 18:29:25 notice root: [ 28.743641] Sharks Ethernet PHY LEDs initialized
Jul 7 18:29:25 notice root: [ 29.253261] ADDRCONF(NETDEV_UP): eth0: link is not ready
Jul 7 18:29:25 notice root: [ 31.466596] device eth0 entered promiscuous mode
Jul 7 18:29:25 notice root: [ 41.303656] g_ether gadget: using random self ethernet address
Jul 7 18:29:25 notice root: [ 41.303801] g_ether gadget: using random host ethernet address
Jul 7 18:29:25 notice root: [ 41.304508] usb0: MAC :::::
Jul 7 18:29:25 notice root: [ 41.304859] usb0: HOST MAC :::::
Jul 7 18:29:25 notice root: [ 41.304877] g_ether gadget: Ethernet Gadget, version: Memorial Day 2008/SWI_2.1
Jul 7 18:29:25 notice root: [ 41.304928] g_ether gadget: g_ether ready
Jul 7 18:29:25 notice root: [ 45.028504] ADDRCONF(NETDEV_UP): usb0: link is not ready
Jul 7 18:29:25 notice root: [ 48.724789] ISO 9660 Extensions: RRIP_1991A
Jul 7 18:29:25 notice root: [ 58.159531] apbc_clk_enable: enter…fnclksel=1
Jul 7 18:29:25 notice root: [ 75.144715] apbc_clk_enable: enter…fnclksel=1
Jul 7 18:29:25 notice root: [ 1738.443683] br0: port 1(eth0) entering disabled state
Jul 7 18:29:25 alert ALEOS_SYSTEM: *** End of last 50 lines in dmesg ***
Jul 7 18:29:25 notice syslog-ng[193]: syslog-ng shutting down; version=‘3.8.1’
Jul 7 18:29:41 notice syslog-ng[193]: syslog-ng starting up; version=‘3.8.1’
Jul 7 18:29:41 alert ALEOS_SYSTEM: _ _ _ _ _
Jul 7 18:29:41 alert ALEOS_SYSTEM: / \ / \ / \ / \ / \
Jul 7 18:29:41 alert ALEOS_SYSTEM: | A | L | E | O | S |
Jul 7 18:29:41 alert ALEOS_SYSTEM: _/ _/ _/ _/ _/
Jul 7 18:29:41 alert ALEOS_SYSTEM:
Jul 7 18:29:41 alert ALEOS_SYSTEM: Sierra Wireless
Jul 7 18:29:42 alert ALEOS_SYSTEM: Copyright 2009-2019
Jul 7 18:29:42 alert ALEOS_SYSTEM: Version: 4.9.4.p09
Jul 7 18:29:42 alert ALEOS_SYSTEM: Single Code-Set
Jul 7 18:29:42 alert ALEOS_SYSTEM:
Jul 7 18:29:42 alert ALEOS_SYSTEM: Serial no: __________
Jul 7 18:29:42 alert ALEOS_SYSTEM_startup: Starting AleosConfBuilder
Jul 7 18:29:42 alert ALEOS_SYSTEM_startup: Ending AleosConfBuilder Properly
Jul 7 18:29:42 alert ALEOS_SYSTEM_startup: START
Jul 7 18:29:42 alert ALEOS_SYSTEM_startup: ALEOS time is set to Tue Jul 7 18:29:41 2020
Jul 7 18:29:42 alert ALEOS_SYSTEM_startup: END
Jul 7 18:29:42 info ALEOS_SYSTEM: Waiting for SM to be Ready…
Jul 7 18:29:42 info ALEOS_SYSTEM_WDlog: Starting Monitor Process
Jul 7 18:29:42 notice ALEOS_SYSTEM_WDlog: HW Watchdog enabled.
Jul 7 18:29:42 notice ALEOS_SYSTEM_WDlog: New HW Watchdog timeout: 240 seconds.
Jul 7 18:29:42 notice ALEOS_SYSTEM: Starting Storage Manager…
Jul 7 18:29:42 info ALEOS_SYSTEM: Waiting for CSM to be Ready…
Jul 7 18:29:42 notice ALEOS_SYSTEM: Storage Manager is now ready - Continue
Jul 7 18:29:42 notice ALEOS_SYSTEM: Starting Configuration Manager…
Jul 7 18:29:43 info ALEOS_SYSTEM_CSM: Hard-coded default configuration retrieved
Jul 7 18:29:43 info ALEOS_SYSTEM_CSM: Requesting persisted user configuration…
Jul 7 18:29:43 notice ALEOS_SYSTEM_SM: Retrieving records from ‘Config11.smc’ [request: ‘Config11.smc’]…
Jul 7 18:29:44 notice ALEOS_SYSTEM_SM: Record counts: read ‘6144’ good records, ‘0’ bad records
Jul 7 18:29:44 info ALEOS_SYSTEM_CSM: …data reading done
Jul 7 18:29:44 info ALEOS_SYSTEM_CSM: Configuration OK
Jul 7 18:29:44 notice ALEOS_SYSTEM_MSCIEn: Device Family 1
Jul 7 18:29:44 notice ALEOS_SYSTEM_MSCIEn: Product type 1
Jul 7 18:29:44 notice ALEOS_SYSTEM_MSCIEn: Enabling MSCIIDs for LTE Radio
Jul 7 18:29:44 notice ALEOS_SYSTEM_MSCIEn: Enabling MSCIIDs Serial Port
Jul 7 18:29:44 notice ALEOS_SYSTEM_MSCIEn: Serial0 Reserve Status = 0
Jul 7 18:29:44 info ALEOS_SYSTEM_MSCIEn: GNSS Type 1
Jul 7 18:29:44 notice ALEOS_SYSTEM_MSCIEn: Enabling MSCIIDs for GNSS
Jul 7 18:29:44 err ALEOS_SYSTEM_MSCIEn: 9SharksHal get_sim_status: ID 1 is not valid.
Jul 7 18:29:44 notice ALEOS_SYSTEM_MSCIEn: QualcommDM Reserve Status = 0
Jul 7 18:29:44 notice ALEOS_SYSTEM_MSCIEn: No External Card Detected
Jul 7 18:29:44 info ALEOS_SYSTEM: Check Reset Configuration
Jul 7 18:29:44 info ALEOS_SYSTEM: No reset backup configuration
Jul 7 18:29:47 info ALEOS_SYSTEM_csmMigrator: csmMigrator: Migration complete.
Jul 7 18:29:48 notice ALEOS_SYSTEM_Migrator: Already up-to-date
Jul 7 18:29:48 notice ALEOS_FIRMWARE_Security: SFU Certificates:
Jul 7 18:29:48 notice ALEOS_FIRMWARE_Security: SWI-ESBU-Root-01.crt
Jul 7 18:29:48 notice ALEOS_FIRMWARE_Security: SWI-ESBU-Root-02.crt
Jul 7 18:29:48 notice ALEOS_FIRMWARE_Security: => Production-Signed firmware
Jul 7 18:29:51 alert ALEOS_SYSTEM: sub: 0, hda1: p/e 1 ret 0
Jul 7 18:29:54 notice ALEOS_SERVICES_pwmgr: Current Power State: ON.
Jul 7 18:29:56 warning ALEOS_SERVICES_SMSPROC: File /mnt/hda1/smspwd not found
Jul 7 18:29:57 notice ALEOS_LAN: Ethernet port enabled [ Auto ]
Jul 7 18:29:58 info dropbear[611]: Not backgrounding
Jul 7 18:29:58 notice ALEOS_SYSTEM_STS: Starting STS
Jul 7 18:29:59 notice ALEOS_SYSTEM_SM: Retrieving records from ‘SnF22.smc’ [request: ‘SnF21.smc’]…
Jul 7 18:29:59 notice ALEOS_SYSTEM_SM: Record counts: read ‘2230’ good records, ‘0’ bad records
Jul 7 18:30:00 notice ALEOS_LINKMGMT_linkstatd: eth0 is now up
Jul 7 18:30:01 notice ALEOS_LAN: Configuring eth0 for link setting 0
Jul 7 18:30:01 warning ALEOS_EVENTS_dpPulseCnt: 9SharksHal set_gpio_edge_interrupt: Unsupported GPIO 3
Jul 7 18:30:01 notice ALEOS_LAN: Configuring eth0 for autoneg on
Jul 7 18:30:05 alert ALEOS_SYSTEM: * PRI ver name : ATT_005.026_000
Jul 7 18:30:06 alert ALEOS_SYSTEM: * PRI carrier name : 9902196
Jul 7 18:30:06 alert ALEOS_SYSTEM: * PRI carrier string : 9902196, ATT_005.026_000
Jul 7 18:30:07 notice ALEOS_LINKMGMT_linkstatd: eth0 is now down
Jul 7 18:30:15 notice ALEOS_LINKMGMT_linkmon: -------------------LINKMON-------------------
Jul 7 18:30:15 notice ALEOS_LINKMGMT_linkmon: dvtFlag=0
Jul 7 18:30:15 notice ALEOS_LINKMGMT_linkmon: New Link Status - Network Link Down
Jul 7 18:30:15 notice ALEOS_LINKMGMT_servicemon: launching servicemon process
Jul 7 18:30:15 notice ALEOS_LINKMGMT_servicemon: Ethernet WAN KeepAlive Monitor: Disabled
Jul 7 18:30:15 notice ALEOS_LINKMGMT_servicemon: Cell WAN KeepAlive Monitor: Disabled
Jul 7 18:30:16 notice ALEOS_CONNECTMGMT: autoDHCP mode is now enabled
Jul 7 18:30:16 err udhcpc[3595]: started, v1.27.2
Jul 7 18:30:16 notice ALEOS_FIRMWARE_rmswitchingcheck: getCsmValues Firmware Carrier: ATT
Jul 7 18:30:17 debug SWI0 SDK Process: >>MM sn or usb [0] 1-1
Jul 7 18:30:17 debug SWI0 SDK Process: ttyUSB0 device found on USB Interface 0
Jul 7 18:30:17 debug SWI0 SDK Process: ttyUSB0 device found on USB Interface 0
Jul 7 18:30:17 debug SWI0 SDK Process: ttyUSB1 device found on USB Interface 2
Jul 7 18:30:17 debug SWI0 SDK Process: ttyUSB1 device found on USB Interface 2
Jul 7 18:30:17 debug SWI0 SDK Process: ttyUSB2 device found on USB Interface 3
Jul 7 18:30:17 debug SWI0 SDK Process: ttyUSB2 device found on USB Interface 3
Jul 7 18:30:17 debug SWI0 SDK Process: swi_ossdkusbscan/1507: 3 tty interfaces successfully scanned
Jul 7 18:30:17 debug SWI0 SDK Process: qcqmi0 device found on USB Interface 8
Jul 7 18:30:17 debug SWI0 SDK Process: qcqmi1 device found on USB Interface 10
Jul 7 18:30:17 debug SWI0 SDK Process: qcqmi0 device found on USB Interface 8
Jul 7 18:30:17 debug SWI0 SDK Process: qcqmi1 device found on USB Interface 10
Jul 7 18:30:17 debug SWI0 SDK Process: swi_ossdkusbscan/1533: 2 qmi interfaces successfully scanned
Jul 7 18:30:17 debug SWI0 SDK Process: swi_ossdkusbscan/1545: 5/6 interfaces successfully scanned
Jul 7 18:30:17 debug SWI0 SDK Process: swi_ossdkusbscan: drivers ready!
Jul 7 18:30:18 err udhcpc[3595]: sending discover
Jul 7 18:30:19 notice ALEOS_FIRMWARE_rmswitchingcheck: (qmisdkhelper) Waiting for the Radio Module to be ready
Jul 7 18:30:19 notice ALEOS_FIRMWARE_rmswitchingcheck: (qmisdkhelper) Radio module is ready
Jul 7 18:30:20 debug ALEOS_FIRMWARE_rmswitchingcheck: SDK pid is 3661
Jul 7 18:30:20 info SWI0 SDK Process: Launching QMI DS shell: service 2(DMS)
Jul 7 18:30:20 notice ALEOS_FIRMWARE_rmswitchingcheck: Radio Module Version: > 05.05.58.00_ATT_005.026_000
Jul 7 18:30:20 notice ALEOS_FIRMWARE_rmswitchingcheck: Radio Module firmware version matches entry in database
Jul 7 18:30:20 debug SWI0 SDK Process: fmsExtractParameter: File Name: /tmp/rmswitchingcheck/1//9999999_9902196_SWI9X15C_05.05.58.00_00_ATT_005.026_000-field.spk
Jul 7 18:30:20 debug SWI0 SDK Process: swi_ossdk_readdir
Jul 7 18:30:20 debug SWI0 SDK Process: fmsExtractParameter: File Name: /tmp/rmswitchingcheck/1//9999999_9902196_SWI9X15C_05.05.58.00_00_ATT_005.026_000-field.spk
Jul 7 18:30:20 debug SWI0 SDK Process: swi_ossdk_readdir
Jul 7 18:30:20 debug SWI0 SDK Process: fmsExtractParameter: File Name: /tmp/rmswitchingcheck/1//9999999_9902196_SWI9X15C_05.05.58.00_00_ATT_005.026_000-field.spk
Jul 7 18:30:20 notice ALEOS_FIRMWARE_rmswitchingcheck: #> Running Radio Module Version: 05.05.58.00_ATT_005.026_000
Jul 7 18:30:20 notice ALEOS_FIRMWARE_rmswitchingcheck: #> Stored Radio Module Version: 05.05.58.00_ATT_005.026_000
Jul 7 18:30:20 notice ALEOS_FIRMWARE_rmswitchingcheck: #----> Running and Stored Radio Module Versions match
Jul 7 18:30:20 info SWI0 SDK Process: Launching QMI DS shell: service 11(UIM)
Jul 7 18:30:20 notice ALEOS_FIRMWARE_rmswitchingcheck: ****************************************
Jul 7 18:30:20 notice ALEOS_FIRMWARE_rmswitchingcheck: PIN1 Status : 3
Jul 7 18:30:20 notice ALEOS_FIRMWARE_rmswitchingcheck: PIN1 Verify Retries Left : 3
Jul 7 18:30:20 notice ALEOS_FIRMWARE_rmswitchingcheck: PIN1 Unblock Retries Left : 10
Jul 7 18:30:20 notice ALEOS_FIRMWARE_rmswitchingcheck: ****************************************
Jul 7 18:30:20 info SWI0 SDK Process: Launching QMI DS shell: service 3(NAS)
Jul 7 18:30:20 notice ALEOS_FIRMWARE_rmswitchingcheck: MCC-MNC: 313-10, 313-10
Jul 7 18:30:20 notice ALEOS_FIRMWARE_rmswitchingcheck: MCC-MNC: 313-100, FirstNet
Jul 7 18:30:20 notice ALEOS_FIRMWARE_rmswitchingcheck: Found a matching carrier image: ATT
Jul 7 18:30:20 notice ALEOS_FIRMWARE_rmswitchingcheck: #> Firmware Carrier: ATT
Jul 7 18:30:20 notice ALEOS_FIRMWARE_rmswitchingcheck: DONE
Jul 7 18:30:21 err udhcpc[3595]: sending discover
Jul 7 18:30:22 alert ALEOS_FIRMWARE_SWUpdate: No Radio Module Firmware Update pending
Jul 7 18:30:23 warning ALEOS_EVENTS_dpRptSend: ADMIN password is longer than 8 characters, and will be truncated.
Jul 7 18:30:23 notice ALEOS_SYSTEM_SM: Retrieving records from ‘SnF12.smc’ [request: ‘SnF11.smc’]…
Jul 7 18:30:23 notice ALEOS_SYSTEM_SM: Record counts: read ‘133’ good records, ‘0’ bad records
Jul 7 18:30:24 err udhcpc[3595]: sending discover
Jul 7 18:30:28 err udhcpc[3595]: no lease, failing
Jul 7 18:30:30 notice ALEOS_SECURITY: Inserting xfrm policy
Jul 7 18:30:33 notice ALEOS_CONNECTMGMT: No DHCP requests answered. Disabling autoDHCP mode
Jul 7 18:30:36 alert ALEOS_EVENTS_dpRptGen: Exiting because GNSS is no longer suspended.
Jul 7 18:30:37 notice ALEOS_SECURITY_firewallManager: Firewall completed restart after 37658 ms
Jul 7 18:30:39 debug SWI0 SDK Process: >>MM sn or usb [0] 1-1
Jul 7 18:30:39 debug SWI0 SDK Process: ttyUSB0 device found on USB Interface 0
Jul 7 18:30:39 debug SWI0 SDK Process: ttyUSB0 device found on USB Interface 0
Jul 7 18:30:39 debug SWI0 SDK Process: ttyUSB1 device found on USB Interface 2
Jul 7 18:30:39 debug SWI0 SDK Process: ttyUSB1 device found on USB Interface 2
Jul 7 18:30:39 debug SWI0 SDK Process: ttyUSB2 device found on USB Interface 3
Jul 7 18:30:39 debug SWI0 SDK Process: ttyUSB2 device found on USB Interface 3
Jul 7 18:30:39 debug SWI0 SDK Process: swi_ossdkusbscan/1507: 3 tty interfaces successfully scanned
Jul 7 18:30:39 debug SWI0 SDK Process: qcqmi0 device found on USB Interface 8
Jul 7 18:30:39 debug SWI0 SDK Process: qcqmi1 device found on USB Interface 10
Jul 7 18:30:39 debug SWI0 SDK Process: qcqmi0 device found on USB Interface 8
Jul 7 18:30:39 debug SWI0 SDK Process: qcqmi1 device found on USB Interface 10
Jul 7 18:30:39 debug SWI0 SDK Process: swi_ossdkusbscan/1533: 2 qmi interfaces successfully scanned
Jul 7 18:30:39 debug SWI0 SDK Process: swi_ossdkusbscan/1545: 5/6 interfaces successfully scanned
Jul 7 18:30:39 debug SWI0 SDK Process: swi_ossdkusbscan: drivers ready!
Jul 7 18:30:39 alert ALEOS_CONNECTMGMT: IPV4 Disconnect Handled
Jul 7 18:30:42 info SWI0 SDK Process: Launching QMI DS shell: service 2(DMS)
Jul 7 18:30:42 info SWI0 SDK Process: Launching QMI DS shell: service 3(NAS)
Jul 7 18:30:42 info SWI0 SDK Process: Launching QMI DS shell: service 1(WDS)
Jul 7 18:30:42 info SWI0 SDK Process: Launching QMI DS shell: service 11(UIM)
Jul 7 18:30:42 info SWI0 SDK Process: Launching QMI DS shell: service 5(WMS)
Jul 7 18:30:42 info SWI0 SDK Process: Launching QMI DS shell: service 240(SWIOMA)
Jul 7 18:30:42 debug SWI0 SDK Process: psrwds_setipfamily: instance: 0 IP family: V4 Active WDS Client: V4
Jul 7 18:30:42 debug SWI0 SDK Process: psrwds_setipfamily: instance: 0 IP family: V6 Active WDS Client: V6
Jul 7 18:30:42 info SWI0 SDK Process: Launching QMI DS shell: service 1(WDS)
Jul 7 18:30:43 debug SWI0 SDK Process: psrwds_setipfamily: instance: 0 IP family: V4 Active WDS Client: V4
Jul 7 18:30:43 debug SWI0 SDK Process: psrwds_starnet:
Jul 7 18:30:43 debug SWI0 SDK Process: psrwds_setipfamily: instance: 0 IP family: V4 Active WDS Client: V4
Jul 7 18:30:43 debug SWI0 SDK Process: psrwds_getsettings:
Jul 7 18:30:43 notice ALEOS_LINKMGMT_linkstatd: wwan0 is now up
Jul 7 18:30:43 err udhcpc[6417]: started, v1.27.2
Jul 7 18:30:44 err udhcpc[6417]: sending discover
Jul 7 18:30:44 err udhcpc[6417]: sending select for 52.183.24.203
Jul 7 18:30:44 err udhcpc[6417]: lease of 52.183.24.203 obtained, lease time 7200
Jul 7 18:30:45 notice ALEOS_LINKMGMT_linkmon: Radio Connection State - Connected
Jul 7 18:30:47 notice InitNG: System is starting up.
Jul 7 18:30:47 notice InitNG: System is up and running!
Jul 7 18:30:52 alert ALEOS_LAN: MTU Source Auto - Set DHCP option 26 MTU: 1430
Jul 7 18:30:52 alert ALEOS_LAN: MTU Source Auto - Ignore Opt 26 MTU size 1500
Jul 7 18:30:53 info dnsmasq[5380]: started, version 2.78-security-prerelease cachesize 150
Jul 7 18:30:53 info dnsmasq[5380]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC loop-detect inotify
Jul 7 18:30:53 info dnsmasq-dhcp[5380]: DHCP, IP range 192.168.14.100 – 192.168.14.100, lease time 1d
Jul 7 18:30:53 info dnsmasq-dhcp[5380]: DHCP, IP range 192.168.13.129 – 192.168.13.141, lease time 1d
Jul 7 18:30:53 warning dnsmasq[5380]: no servers found in /etc/resolv.conf, will retry
Jul 7 18:30:53 info dnsmasq[5380]: read /etc/hosts - 1 addresses
Jul 7 18:30:58 notice ALEOS_SECURITY_firewallManager: Firewall completed restart after 13061 ms
Jul 7 18:31:00 notice ALEOS_CONNECTMGMT: *** Network Connection successful. WAN IP [Cellular] : 107.89.137.232
Jul 7 18:31:00 notice ALEOS_CONNECTMGMT: *** IP UP 52.183.24.203 : wwan0
Jul 7 18:31:00 notice ALEOS_CONNECTMGMT: Setting WWAN MTU size to 1430
Jul 7 18:31:01 info dnsmasq[5380]: exiting on receipt of SIGTERM
Jul 7 18:31:10 err ALEOS_VPN: ipsec_wrapper: VPNFO is disabled due to wrong ID of primary or secondary VPN ID
Jul 7 18:31:11 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:31:12 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:31:13 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:31:13 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:31:13 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:31:15 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:31:15 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:31:15 err ALEOS_WEB_ACEmanager: SSL_accept failed - Error: (336151574) sslv3 alert certificate unknown
Jul 7 18:31:19 err ALEOS_VPN: ipsec_wrapper: VPNFO is disabled due to wrong ID of primary or secondary VPN ID
Jul 7 18:31:20 alert ALEOS_LAN: MTU Source Auto - Set DHCP option 26 MTU: 1430
Jul 7 18:31:21 alert ALEOS_LAN: MTU Source Auto - Ignore Opt 26 MTU size 1500
Jul 7 18:31:22 info dnsmasq[8723]: started, version 2.78-security-prerelease cachesize 150
Jul 7 18:31:22 info dnsmasq[8723]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC loop-detect inotify
Jul 7 18:31:22 info dnsmasq-dhcp[8723]: DHCP, IP range 192.168.14.100 – 192.168.14.100, lease time 1d
Jul 7 18:31:22 info dnsmasq-dhcp[8723]: DHCP, IP range 192.168.13.129 – 192.168.13.141, lease time 1d
Jul 7 18:31:22 info dnsmasq[8723]: reading /etc/resolv.conf
Jul 7 18:31:22 warning dnsmasq[8723]: ignoring nameserver 127.0.0.1 - local interface
Jul 7 18:31:22 info dnsmasq[8723]: using nameserver 52.183.24.203#53
Jul 7 18:31:22 info dnsmasq[8723]: read /etc/hosts - 1 addresses
Jul 7 18:31:24 notice ALEOS_LINKMGMT_linkmon: New Link Status - Network Ready

Of course the Ip addresses and key are different but this is how the vpn on the device is setup… using this I can get the primary subnet of the remote network but not the second network… I can see packets coming from the modem for the primary subnet however when I try to ping the second one nothing comes across from the modem. The attached computer to the modem however can get to the second subnet intermittently.

I am not very familiar with these… do I need to add a route for the second subnet or would it have done that already when i created the ipsec tunnel?

Hi tommyboy20021984

Please check that the Remote Subnet 2 Address parameter on the gateway is matched with IPSec VPN server.

You select Remote Address Type Subnet Address, So the Remote Address must be 192.168.13.0.

Please make sure the device network with second subnet is working.

It have done that already when you created the ipsec tunnel.

I have set up IPsec VPN with primary and secondary remote subnet on GX450 ALEOS firmware 4.9.4 p09 at my side.
Both primary and secondary remote subnets work fine. I can see packets when I ping primary and secondary remote subnets.
I have attached the screenshots for your reference.
Please help to mark “Solution” if your question is answered.

Split tunnel972×357 11.2 KB

VPN950×929 34.4 KB

Primary remote subnet1114×490 24.8 KB

Secondary remote subnet1156×595 25.8 KB

I appreciate your answer however im not sure I understand why this would not work. I have multiple tunnels and i want to keep them on the 192.168.13.0 network… so subnetting the network only seemed correct. 192.168.13.128 is the network id for the 255.255.255.240 … can the device not do this… i will try this solution though… thank you

I also didnt mention the GX’s IP address and range for the attached devices are both set in the 128 subnet…

Subnet Calculator Subnet Calculator
Network Class
A B C First Octet Range
192 - 223
IP Address
192.168.0.128
Hex IP Address
C0.A8.00.80
Subnet Mask

255.255.255.240
Wildcard Mask
0.0.0.15
Subnet Bits

4
Mask Bits

28
Maximum Subnets

16
Hosts per Subnet

14
Host Address Range
192.168.0.129 - 192.168.0.142
Subnet ID
192.168.0.128
Broadcast Address
192.168.0.143
Subnet Bitmap
110nnnnn.nnnnnnnn.nnnnnnnn.sssshhhh

Hi @tommyboy20021984

What results did you try? Does it work?

I have set up IPsec VPN with the same configuration and subnet.
Both primary and secondary remote subnets work fine. I can see packets when I ping primary and secondary remote subnets.

Please make sure the device network with second subnet is working and consider opening firewall properly.

VPN895×886 36.6 KB

What version of ALEOS are you on?

Hi @tommyboy20021984

I have mentioned it before.