After authentication to the VPN C2S server the client can't ping any
corporate IP addresses.

NW6.5sp1, BM3.8, VPN C2S:

- BM PRV IP: /
- BM is not the default router. Cisco 3600 is the main prv router (IP10.20.30.1 / He is configured to direct all traffic from

corporate lan for destination to
- BM is configured to direct all traffic for destination to
router (IP
- VPN C2S is configured in iManager 2.0. The rule is configured to
give one
IP address from pool - for authenticated VPN
- VPN Client's PUB IP is (that's the SDI router) and
he is
behind NAT. His PRV IP is and the SDI router is

The VPN Client is successfully logged by VPN Client 3_8 with NMAS
authentication. The the tab of VPN connection properties is showing
his IP
and (first from assigned pool). But he can't ping, and nothing. All packets are transmitted but no reply.
I have checked the situation by the PKTSCAN utility on my BM. Packets
captured on two interfaces (PUB and PRV) of BM. When the client is
authenticated via VPN and ping, there's no packets captured
PKTSCAN (even on PUB interface). But when the client ping,
PKTSCAN has captured UDP encrypted packets (probably with ICMP ECHO
to - i don't know becouse they are encrypted). So I
that's no routing between vpn and prv interfaces or between pub and
Or pool assigned to VPN connection ( - doesn't
the valid mask so it can't reach the main corporate router /
Any suggestions my friends?

Do you know how Novell VPN works inside the server? I mean how is therouting from authenticated VPN client
behind NAT to PRV LAN interface od BM? That's the trouble, that's the

stay QL