VPN to 5505 not reliable

Unanswered Question
Sep 29th, 2009
User Badges:

Hi All. I have a vpn configured on a 5505 but it doesnt seem to reliably work. When I connect using the cisco client, I am unable to get to my default gateway, nor can I ping anything on the inside. Ive gone over it but nothing seems obvious to me. Any tips appreciated!

Bob




Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
acomiskey Tue, 09/29/2009 - 10:59
User Badges:
  • Green, 3000 points or more

Change you vpn pool to be outside of 10.1.0.0/16.


Also, add "crypto isakmp nat-traversal".

mx Tue, 09/29/2009 - 11:24
User Badges:

Thank you, I will try that now. If I change the vpn pool to 10.10.instead of 10.1 will I need to change any ACL's for them to get out?

acomiskey Tue, 09/29/2009 - 12:10
User Badges:
  • Green, 3000 points or more

Yes, you will need to change the associated acl's, inside_nat0_outbound for example will need changed to reflect the new pool.

Actions

This Discussion