IOS VPN Remote Access problems

Unanswered Question
Aug 20th, 2008

Hi guy,

I am new to Cisco discussions so welcome everyone. Can anyone help me please? I am having the following problems after establishing an IPSec VPN connection between a Cisco 877 router and Cisco VPN client:

1. I can't ping outside global IP addresses through the router,

2. I can't ping outside global IP addresses through local gateway after enabling split-tunneling on the router,

3. The IP address on the vpn client does not equal to the default gateway IP address being assigned from the local pool on the router. Should they not be the same?

I am posting relevant parts of the router config. Please ask me for more details and suggest some solution to my problem.

Thanks and best regards,


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Marwan ALshawi Wed, 08/20/2008 - 22:28

try to remove the following line


no crypto isakmp client configuration address-pool local ipPool

remi-reszka Thu, 08/21/2008 - 05:30

Hi marwanshawi,

Thanks for your reply. I will try it right away but by removing the above line I won't prevent clients from getting their IP addresses from the ipPool?


Marwan ALshawi Thu, 08/21/2008 - 06:34

they will take through

crypto isakmp client configuration group remote_users

key xxxxxxxxx

dns xxxxxxx

pool ipPool

where pool mean the ip pool address

remi-reszka Thu, 08/21/2008 - 06:52

cool. I'll let you know the results as soon as I test it. Thanks very much.

remi-reszka Thu, 08/21/2008 - 08:38

Hi marwanshawi,

I tried your suggestions and it did not helped. I can still ping private addresses behind the router (VPN server) however unable to ping global outside IP addresses. When I try to ping FQDN it seems like it's being resolved but no responses from destinations. Do I need to modify ACL on the outside interface for the ipPool (I did however but no help).

Thanks in advance for all suggestions.



This Discussion