I have configured remote site vpn with domain authentication. VPN client users are able to login to the VPN and they are authenticating with Domain controller. But they are unable to access the LAN(remote). Please find the configuration below.
access-list inside_nat0_outbound extended permit ip any 10.100.100.0 255.255.255.0
ip local pool vpnpool 10.100.100.1-10.100.100.254 mask 255.255.255.0
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 0 0.0.0.0 0.0.0.0
route inside 22.214.171.124 255.0.0.0 172.x.x.x
route outside 0.0.0.0 0.0.0.0 x.x.x.x
aaa-server India protocol nt
aaa-server India (inside) host 172.x.x.x
aaa authentication telnet console LOCAL
aaa authentication ssh console LOCAL
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto dynamic-map dynamic 30 set reverse-route
crypto dynamic-map dynamic 30 set pfs
crypto dynamic-map dynamic 30 set transform-set ESP-AES-128-SHA
crypto map vpn 10 ipsec-isakmp dynamic dynamic
crypto map vpn interface outside
crypto isakmp enable outside
crypto isakmp policy 10
group-policy gpolicy internal
group-policy gpolicy attributes
dns-server value 172.x.x.x
default-domain value domaincontroller
tunnel-group vpngroup type ipsec-ra
tunnel-group vpngroup general-attributes
tunnel-group vpngroup ipsec-attributes
Earlier same with same configuration it was working, but i have upgraded the IOS from 7.2 to 8.0.
after that it is not working.
Earlier using 7.2 IOS also i got the same problem, but when i used the command crypto isakmp nat-traversal 20 it worked.
Now after issuing this command doen's help me.
Can anybody please help me in this matter.
Thanks in Advance