Unable to access satellite offices with Cisco VPN client

Unanswered Question
Feb 19th, 2008
User Badges:

There are 4 sites:


Main office - 192.168.0.x/24

Sat office1 - 10.0.0.x/24

Sat Office2 - 10.0.1.x/24

Sat Office3 - 10.0.2.x/24


All 4 offices are connected via MPLS using other Cisco routers from the telcom co. The user VPN endpoint is at the main office. (Cisco 1811)


We can make the VPN connection with the Cisco VPN client and browse the 192 network all day long. We cannot access any of the other subnets over the VPN connection. Browsing the other subnets while physically at the main office is fine. This DID work in the past. Something changed that I cannot pinpoint, any ideas?


Scope for the VPN endusers is 10.100.100.x/24

Cisco VPN Client versions 4.x and 5.x (both affected)


Thanks in advance


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Richard Burts Tue, 02/19/2008 - 09:52
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Ken


It is good to know that it did work in the past and then stopped working. That indicates that something changed. Is it possible that a software upgrade has been done and that the change is behavior is reflecting a different version of IOS? (I suspect that is is possible but not so likely - but we need to ask.)


My guess is either that there was some change in the routing logic or that the access lists which indicate what traffic is to be protected by the VPN used to include remote to remote but has been changed for some reason.


Could you post the configuration of the main office 1811?


Another question that occurs to me is whether the main office 1811 is directly connected to the Internet or does it go through some firewall? If if goes through some firewall is it possible that there has been some change in the firewall rules that is denying the remote to remote traffic?


HTH


Rick

Actions

This Discussion