08-06-2008 01:12 AM
Hello folks,
I am emulating a remote access VPN setup in my lab setup. I get connected all right, but when I am connected, the remote access client is not able to ping any of the local LAN devices and as such cannot access local resources.
Below is the LAN configuration acquired by the VPN client when connected. From what I see, it picks an IP from the local pool for its gateway instead of the default gateway of the local LAN.
Ethernet adapter Local Area Connection 3:
Connection-specific DNS Suffix . : xyz.com
Description . . . . . . . . . . . : Cisco Systems VPN Adapter
Physical Address. . . . . . : 00-05-9A-3C-78-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . : 192.168.2.1
Subnet Mask . . . . . . . : 255.255.255.0
Default Gateway . . . . . .: 192.168.2.2
DNS Servers . . . . . . . : 192.168.1.3
Any assistance, please?
Attached is my configuration of the router.
08-06-2008 04:42 AM
OK,
to solve this problem
you have to configure what is called split tunneling.
In this case you are going to create an ACL; with this ACL you decide which traffic should go through the VPN tunnel and which should not.
For example, if you have a network behind the router that you need to access by VPN, and this network is 10.1.0.0/24,
do the following:
access-list 100 permit ip 10.1.0.0 0.0.0.255 any
Then, under the VPN client group configuration mode (where you applied the pool),
add the following command:
acl 100
exit
In this case the client will use the VPN tunnel only for traffic going to the 10.1.0.0/24 network;
anything else will use your normal LAN config.
Good luck.
Please rate if helpful.
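The matching a split-tunnel ACL performs, as an added example that is not part of the original thread: it evaluates the ACL line from the answer above against a few destination addresses to show which would be sent through the tunnel. The function names and the sample destinations are assumptions chosen for illustration, and only the `<network> <wildcard> any` entry form is parsed.

```python
import ipaddress
import re

# ACL line copied from the answer above. In a split-tunnel ACL the "source"
# field names the protected network behind the router.
SPLIT_ACL = ["access-list 100 permit ip 10.1.0.0 0.0.0.255 any"]

_ACL_RE = re.compile(
    r"^access-list\s+\d+\s+(permit|deny)\s+ip\s+(\S+)\s+(\S+)\s+any$"
)


def parse_acl(lines):
    """Return [(action, network_int, wildcard_int)] for each ACL line."""
    entries = []
    for line in lines:
        m = _ACL_RE.match(line.strip())
        if not m:
            raise ValueError(f"unsupported ACL line: {line!r}")
        action, net, wildcard = m.groups()
        entries.append((
            action,
            int(ipaddress.IPv4Address(net)),
            int(ipaddress.IPv4Address(wildcard)),
        ))
    return entries


def is_tunneled(dest, entries):
    """True if traffic to dest matches a permit entry (first match wins)."""
    d = int(ipaddress.IPv4Address(dest))
    for action, net, wildcard in entries:
        care = ~wildcard & 0xFFFFFFFF  # wildcard bits set to 1 are ignored
        if (d & care) == (net & care):
            return action == "permit"
    return False  # implicit deny: traffic uses the client's normal LAN path


def route_plan(dests, acl_lines=SPLIT_ACL):
    """Map each destination to 'tunnel' or 'local'."""
    entries = parse_acl(acl_lines)
    return {d: "tunnel" if is_tunneled(d, entries) else "local" for d in dests}


if __name__ == "__main__":
    # Constructed sample destinations; 192.168.1.3 is the DNS server address
    # shown in the client's adapter output in the question.
    for dest, path in route_plan(["10.1.0.25", "10.1.1.25", "192.168.1.3"]).items():
        print(f"{dest:15} -> {path}")
```

With the example ACL unchanged, 192.168.1.3 is classified as local, so the ACL has to list the networks that actually sit behind the router.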