11-21-2007 01:43 PM - edited 02-21-2020 01:48 AM
Hi All.
I have a VPN tunnel between a Cisco 1700 Router and a VPN 3000 Concentrator. This tunnel is working great. The internal network is (192.168.70.x).
The internal network that the VPN Concentrator (192.168.10.x) is connected to is also attached to 3 other remote networks via Netscreen/VPN. (192.168.40.x, 192.168.60.x, 192.168.170.x).
My issue is, a user on the .70 network (tunnel between 1700 and VPN 3000) cannot ping anything on the remote networks attached to the 192.168.10.x network.
I am not sure what to do, it seems as though I have tried everything, but am unable to get connectivity.
Attached is my config file on the 1700 router.
If anyone can help me out it would be greatly appreciated!
11-22-2007 05:05 AM
Maybe I'm wrong but I think your problem is in NAT.
11-22-2007 05:58 AM
What do you suggest I do to rectify it? I have assigned the proper addresses in my access-lists?
11-22-2007 09:30 AM
Hi
Does the device on 192.168.10.x that your other remote networks connect into know the correct route back to 192.168.70.x is via the concentrator (and not, for instance, the default gateway)?
Regards
Kev
11-22-2007 11:01 AM
Hi, thanks for the reply.
The Netscreen at 192.168.10.1 (which all the other networks are connected to) does have a static route set up for the 192.168.70.x network to route to the VPN Concentrator (192.168.10.39). Without this route I couldn't do much on the .10 network.
When I do a traceroute from the 192.168.70.x network to a remote network it never gets past the Netscreen at 192.168.10.1?
It's really confusing me. I have even tried adding routes to the external networks' firewalls.