cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
350
Views
8
Helpful
4
Replies

2821 VPN Client ACL and NAT woes - can't access internal LAN

rbdrake22
Level 1
Level 1

I'm having trouble getting my configuration to work properly and I've spent countless hours researching with no luck.

This is a simple problem I hope. Once connected to the 2821 via the Cisco VPN Client (V5), I can access the router's LAN IP and even telnet into it without any problems but I cannot access any other IP's on the network.

I started using Virtual-Templates and I couldn't get it to work so I changed the config per articles and posts that I had been reading.

How can I make this configuration work? Do I have to use virtual-templates (or should I)?

Any help would be greatly appreciated!!!!

Thanks in advance

4 Replies 4

andrew.prince
Level 10
Level 10

Ryan,

The config supplied looks OK - have you compared it against the various types in in the below link??

http://www.cisco.com/en/US/customer/products/ps5854/prod_configuration_examples_list.html

also I did notice you are using a VPN pool ip subent that is different from the LAN subnet?

Do all other devices on the LAN have the routers ip address as a default gateway?? You might want to change the VPN ip pool to a subnet of the LAN ip range for testing to see if it is a simple routing issue?

HTH>

I tested and it does work if I specify an IP pool on the LAN subnet, I'd like to keep the users on a different subnet though. Any Idea how I can make that work?

Thanks for your help!

I think i'm going to use

http://www.cisco.com/en/US/customer/products/hw/routers/ps274/products_configuration_example09186a0080819289.shtml

as a guide and give it another shot.

Hopefully this works!

Ryan,

This is not the solution you are looking for - if you have tested assinging the VPN users IP address in the same range as the LAN subnet - and this works? When you change the IP subnet to something differenet - and remote users can only access the router - the issue is not the VPN or router, the issue is your routing on the LAN.

Do you have another layer 3 routing device on your LAN? IS the default gateway on the servers & workstations point to the 2821 router?

HTH>

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: