02-19-2007 10:57 PM
When I connected my adsl router and got ip address is 10.1.1.1/8 then I use remote access vpn terminating on firewall then authentication work fine and got ip address from the pool is 10.7.0.1/16 but I can't access local lan from this if I dialed-up from my pc and got ip address 2x2.102.x.y then I connected remote access vpn and authentication I can access local lan no problem.
It is routing issue on pc with overlap ip or not ???
please clarify or provide helpfull link
Thank
Solved! Go to Solution.
02-21-2007 04:11 AM
Hi,
It seems like its a nat-t issue.
Make sure the VPN headend has "isakmp nat-t" enabled (if its a PIX) . If a concentrator, please make sure "IPsec NAt-T" is enabled.
Also, make sure, on the client, "Enable Transparent tunneling" is checked, with IPSec over UDP NAT/PAT selected.
HTH,
-Kanishka
02-20-2007 07:49 AM
Hi,
For further analysis, please do this :
1. Connect via ADSL router.
2. Goto command prompt of the PC and obtain the output of 'route print'.
3. Disconnect and connect via dial-up.
4. Goto command prompt of the PC and obtain the output of 'route print' again.
5. Post both the outputs with correct labels.
I'll try to analyse and respond back.
HTH,
Please rate if it helps.
Regards,
Kamal
02-21-2007 04:11 AM
Hi,
It seems like its a nat-t issue.
Make sure the VPN headend has "isakmp nat-t" enabled (if its a PIX) . If a concentrator, please make sure "IPsec NAt-T" is enabled.
Also, make sure, on the client, "Enable Transparent tunneling" is checked, with IPSec over UDP NAT/PAT selected.
HTH,
-Kanishka
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide