Cisco VPN Client connects but can't access remote network on c1841

Unanswered Question

Hi Everyone, I followed some sample configs online and configured my c1841 router to acceppt VPN Client connection.

Now I'm able to connect the VPN Client to the router and able to ping the router's LAN IP address, but I couldn't get to any other computers on the remote network.

my VPN Client's address pool is 192.168.88.1 to 192.168.88.254, the remote site LAN IP is 10.88.88.0/24.

Router IP is 10.88.88.1

I turned on debug ip packet, I can see packets come in when I ping the router LAN IP 10.88.88.1, but when I try to ping another IP 10.88.88.5, there is nothing coming in.

The route print on VPN Client computer is correct, nothing wrong, static routes to the remote network are properly added. Trace route shows the first node is the router WAN IP, and the rest time out.

I've attached my conf file, please help me have a look. I've been trying for a few days, but still can't fix.

Thanks in advanced

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

router# sh crypto ipsec sa

interface: Dialer1

Crypto map tag: SDM_CMAP_1, local addr 116.15.132.166

protected vrf: (none)

local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)

remote ident (addr/mask/prot/port): (192.168.88.5/255.255.255.255/0/0)

current_peer 58.185.121.38 port 4888

PERMIT, flags={}

#pkts encaps: 4, #pkts encrypt: 4, #pkts digest: 4

#pkts decaps: 47, #pkts decrypt: 47, #pkts verify: 47

#pkts compressed: 0, #pkts decompressed: 0

#pkts not compressed: 0, #pkts compr. failed: 0

#pkts not decompressed: 0, #pkts decompress failed: 0

#send errors 0, #recv errors 0

local crypto endpt.: 116.x.132.166, remote crypto endpt.: 58.x.121.38

path mtu 1452, ip mtu 1452, ip mtu idb Dialer1

current outbound spi: 0xD281D3DD(3531723741)

inbound esp sas:

spi: 0x8809AE23(2282335779)

transform: esp-3des esp-sha-hmac ,

in use settings ={Tunnel UDP-Encaps, }

conn id: 3001, flow_id: FPGA:1, crypto map: SDM_CMAP_1

sa timing: remaining key lifetime (k/sec): (4392170/3248)

IV size: 8 bytes

replay detection support: Y

Status: ACTIVE

inbound ah sas:

inbound pcp sas:

outbound esp sas:

spi: 0xD281D3DD(3531723741)

transform: esp-3des esp-sha-hmac ,

in use settings ={Tunnel UDP-Encaps, }

conn id: 3002, flow_id: FPGA:2, crypto map: SDM_CMAP_1

sa timing: remaining key lifetime (k/sec): (4392178/3248)

IV size: 8 bytes

replay detection support: Y

Status: ACTIVE

outbound ah sas:

outbound pcp sas:

-==========================

here is the strange part, my local ident is 0.0.0.0:

local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)

Actions

This Discussion