SSL VPN tunnel inside of an IPsec VPN client tunnel.

Feb 14th, 2008

I have an application where I need to initiate an SSL VPN tunnel inside of a tunnel set up with a Cisco VPN client (IPsec/UDP). Our policy for our Cisco client is not to allow split-tunneling. I get connected to the SSL VPN box, but after that I cannot ping any addresses on the connected segment I receive from the SSL VPN box. Look at my attachment, which shows a route print and a couple of screenshots. Any help would be appreciated.

f.aoun Fri, 02/15/2008 - 05:41

Weird application.

Try to change the MTU to 1418 (use the Cisco Systems SETMTU tool installed with the VPN client).

johnsos Fri, 02/15/2008 - 06:19

OK, I will try that. Also, about the application: the reason for the tunnel-within-a-tunnel application is that we have a secure area that requires access only via SSLVPN. So if I'm at work I would use the SSLVPN to gain access to that area. I'm allowed access to the rest of my enterprise via split-tunneling being enabled with the SSLVPN. I'm going to ask to see if I can have the SSLVPN positioned to have public access; this will probably fix my issues since I will only be using one tunnel.

johnsos Fri, 02/15/2008 - 09:44

We found our issue. It seems that the other vendor had a misconfiguration or added something they shouldn't have. They added the network I was trying to get to to their split-tunnel list, which denied me from getting to it. We removed it and I can now get to it. Thanks for your suggestions.
