Hello, I have an 851 router that I am trying to learn with, I have a working config that gets me online and has a basic firewall and dhcp for clients. I then wanted to add a VPN using the 851 and the Cisco VPN client.
I was able to get partially to my goal as I can establish a vpn and it is showing me 192.168.1.0 as the secured route but I cannot ping or communicate with anything with in the 192.168.1.1 network.
Try this one also.
Instead of using access-list in NAT statement , use Route-map and see if it resolves the issue.
1.Deny the Ipsec traffic in the NAT access-list.
access-list 120 deny 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 120 permit 192.168.1.0 0.0.0 any
2 create a Route Map
route-map nonat permit 10
match ip address 120
3. no ip nat inside source list 1 interface FastEthernet4 overload
4. ip nat inside source route-map nonat interface FastEthernet4 overload
5. Clear ip nat translations *