SSL VPN tunnel inside of an IPsec VPN client tunnel.

johnsos · ‎02-14-2008

I have an application where I need to initiate an SSL VPN tunnel inside of a tunnel setup with a Cisco VPN client(IPsec/UDP). Our policy for our Cisco client is not to allow split-tunneling. I get connected to the SSL VPN box but after that I cannot ping any addresses on the connected segment I receive from the SSL VPN box. Look at my attachement which show a route print and a couple of screen shots. Any help would be greatful.

f.aoun · ‎02-15-2008

weird application.

Try to change MTU to 1418 (use cisco systems SETMTU tool installed with vpn client).

johnsos · ‎02-15-2008

Ok, I will try that. Also about the application. The reason from tunnel within a tunnel application is we have a secure area that requires access only via SSLVPN. So if I'm at work I would use the SSLVPN to gain access to that area. I'm allowed access to the rest of my enterprise via split-tunneling being enabled with the SSLVPN. I'm going to ask to see if I can have the SSLVPN positioned to have public access this will probably fix my issues since I will only be using one tunnel.

johnsos · ‎02-15-2008

We found our issue. It seems that the other vendor had a mis-configuration or added something they shouldn't have. They add the network I was trying to get to to their split-tunnel list which denied me from getting to it. We removed and I now can get to it. Thanks for your suggestions.