VPN doesn't work with the overlap ip address?

Answered Question
Feb 19th, 2007

When I connected my adsl router and got ip address is 10.1.1.1/8 then I use remote access vpn terminating on firewall then authentication work fine and got ip address from the pool is 10.7.0.1/16 but I can't access local lan from this if I dialed-up from my pc and got ip address 2x2.102.x.y then I connected remote access vpn and authentication I can access local lan no problem.

It is routing issue on pc with overlap ip or not ???

please clarify or provide helpfull link

Thank

I have this problem too.
0 votes
Correct Answer by kaachary about 9 years 7 months ago

Hi,

It seems like its a nat-t issue.

Make sure the VPN headend has "isakmp nat-t" enabled (if its a PIX) . If a concentrator, please make sure "IPsec NAt-T" is enabled.

Also, make sure, on the client, "Enable Transparent tunneling" is checked, with IPSec over UDP NAT/PAT selected.

HTH,

-Kanishka

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Kamal Malhotra Tue, 02/20/2007 - 07:49

Hi,

For further analysis, please do this :

1. Connect via ADSL router.

2. Goto command prompt of the PC and obtain the output of 'route print'.

3. Disconnect and connect via dial-up.

4. Goto command prompt of the PC and obtain the output of 'route print' again.

5. Post both the outputs with correct labels.

I'll try to analyse and respond back.

HTH,

Please rate if it helps.

Regards,

Kamal

Correct Answer
kaachary Wed, 02/21/2007 - 04:11

Hi,

It seems like its a nat-t issue.

Make sure the VPN headend has "isakmp nat-t" enabled (if its a PIX) . If a concentrator, please make sure "IPsec NAt-T" is enabled.

Also, make sure, on the client, "Enable Transparent tunneling" is checked, with IPSec over UDP NAT/PAT selected.

HTH,

-Kanishka

Actions

This Discussion