Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

SA 500 IPSec VPN Guide with Shrew Soft

This document contains the steps for configuring the SA 500 to work with a Shrew Soft VPN Client.

Version history
Revision #:
1 of 1
Last update:
‎03-26-2010 03:49 PM
Updated by:
Labels (1)
New Member


I have made all the steps with above Guide, configuring my SA520 (firmware 2.1.18)

and Shrew Soft VPN Client v 2.1.7 (Windows Vista Business 32b Service Pack 2)

I can establish the connection to remote host but can't ping remote gateway

need some advices

best regards


New Member

Hi Adam,

With SA520 (firmware 2.1.18) and Shrew Soft VPN Client v 2.1.7 on Windows Vista / XP machines, we are not seeing the issue. We are able to ping both remote host as well as remote gateway. Can you please confirm that the firewall on your Windows machine is not blocking the ping.

Can you also confirm if you are pinging WAN or LAN interface of SA500 from Shrewsoft Client? If you are pinging WAN interface, can you please verify if on web UI under Firewall > Attacks > Block Ping to WAN interface is unchecked.

If you are still seeing the issue, is it possible to create a temporary account for your team to try connecting to your SA500. You can send me a private message if you are not comfortable putting information on the community post.



New Member


I don't mean to "steal" this topic but i have a question about this too.

With the help of that manual i succeeded to set up a working IPsec VPN tunnel. I can ping to all the devices including the SA on the remote network. I can also still ping to the devices on my local network (I don't know if that's supposed to be like that?). But i cannot connect to the internet anymore. I can only load pages from the local or remoteVPN network. Both networks have acces to the internet and firewall on the computers are disabled. Any solution for this ? (I'm no expert in VPNs).

Thanks in advance,


New Member

Hi Joachim,

With Shrewsoft VPN client user can reach or access device LAN subnet only. Current SA500 does not support Internet over VPN client tunnel for Shrewsoft VPN client - it is only supported for Cisco VPN client.



New Member


Thanks for the quick reply! Now I know that it's not just me :-)