Showing results for 
Search instead for 
Did you mean: 
Please be advised, the GuideMe Wizard is no longer available on the Small Business Support Community. For search capability please use the community search field to find content related to Cisco Small Business documents, videos, and discussions.

SA 500 IPSec VPN Guide with Shrew Soft


This document contains the steps for configuring the SA 500 to work with a Shrew Soft VPN Client.



I have made all the steps with above Guide, configuring my SA520 (firmware 2.1.18)

and Shrew Soft VPN Client v 2.1.7 (Windows Vista Business 32b Service Pack 2)

I can establish the connection to remote host but can't ping remote gateway

need some advices

best regards


Cisco Employee

Hi Adam,

With SA520 (firmware 2.1.18) and Shrew Soft VPN Client v 2.1.7 on Windows Vista / XP machines, we are not seeing the issue. We are able to ping both remote host as well as remote gateway. Can you please confirm that the firewall on your Windows machine is not blocking the ping.

Can you also confirm if you are pinging WAN or LAN interface of SA500 from Shrewsoft Client? If you are pinging WAN interface, can you please verify if on web UI under Firewall > Attacks > Block Ping to WAN interface is unchecked.

If you are still seeing the issue, is it possible to create a temporary account for your team to try connecting to your SA500. You can send me a private message if you are not comfortable putting information on the community post.



Community Member


I don't mean to "steal" this topic but i have a question about this too.

With the help of that manual i succeeded to set up a working IPsec VPN tunnel. I can ping to all the devices including the SA on the remote network. I can also still ping to the devices on my local network (I don't know if that's supposed to be like that?). But i cannot connect to the internet anymore. I can only load pages from the local or remoteVPN network. Both networks have acces to the internet and firewall on the computers are disabled. Any solution for this ? (I'm no expert in VPNs).

Thanks in advance,


Cisco Employee

Hi Joachim,

With Shrewsoft VPN client user can reach or access device LAN subnet only. Current SA500 does not support Internet over VPN client tunnel for Shrewsoft VPN client - it is only supported for Cisco VPN client.



Community Member


Thanks for the quick reply! Now I know that it's not just me :-)