VPN issue, can't contact hosts on LAN

gcsellis87
Level 1

Hi all,

For my work I've been put on a project to manage the connections to several locations in Yemen.

The connection to the remote routers (IPsec) works well. I mean that I can contact the router via my VPN client using the yemen group. But the thing is that I simply can't reach the hosts on the inside of the remote network.

What in the config can be the problem? Is it the ACL entry?

Maybe you guys can help me out of this.

Any answer can be helpful!

--Config removed-

2 Replies

Jennifer Halim
Cisco Employee

ACL 110 that you have assigned for split tunnel ACL does not seem to exist as per your configuration.

ACL 110 should say:

access-list 110 permit ip 10.0.0.0 0.0.0.255 10.10.10.0 0.0.0.255

Also, ACL 2, which has been assigned to the NAT statement, needs to be changed to an extended ACL, as follows:

access-list 120 deny ip 10.0.0.0 0.0.0.255 10.10.10.0 0.0.0.255

access-list 120 permit ip 10.0.0.0 0.0.0.255 any

ip nat inside source list 120 interface Dialer0 overload

no ip nat inside source list 2 interface Dialer0 overload


Hope that helps.

Thanks for your help halijenn. This indeed fixed the connection problem!!
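
Why the extended ACL matters, as an added example that is not part of the original thread: a small first-match evaluator for IOS wildcard ACLs, run against the NAT entries from the reply above. It assumes 10.0.0.0/24 is the router's inside LAN and 10.10.10.0/24 is the VPN client pool; the standard `access-list 2` entry is constructed, since the original config was removed from the post.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")

def wildcard_match(addr, base, wildcard):
    """IOS wildcard match: bits set to 1 in the wildcard are ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)

def parse_field(tokens):
    """Consume one address spec ('any' or 'base wildcard') from a token list."""
    if tokens[0] == "any":
        return ANY, tokens[1:]
    return (tokens[0], tokens[1]), tokens[2:]

def parse_acl(lines):
    """Parse 'access-list N permit|deny [ip] src [dst]' into (action, src, dst)."""
    rules = []
    for line in lines:
        tok = line.split()
        action, rest = tok[2], tok[3:]
        extended = rest[0] == "ip"
        if extended:
            rest = rest[1:]
        src, rest = parse_field(rest)
        # A standard ACL has no destination field, so it matches any destination.
        dst = parse_field(rest)[0] if extended else ANY
        rules.append((action, src, dst))
    return rules

def nat_applies(rules, src, dst):
    """First matching entry wins; no match falls to the implicit deny."""
    for action, (sb, sw), (db, dw) in rules:
        if wildcard_match(src, sb, sw) and wildcard_match(dst, db, dw):
            return action == "permit"
    return False

# Constructed stand-in for the removed standard ACL 2 (assumption).
ACL_2 = parse_acl(["access-list 2 permit 10.0.0.0 0.0.0.255"])
# Extended ACL 120 exactly as given in the reply.
ACL_120 = parse_acl([
    "access-list 120 deny ip 10.0.0.0 0.0.0.255 10.10.10.0 0.0.0.255",
    "access-list 120 permit ip 10.0.0.0 0.0.0.255 any",
])

if __name__ == "__main__":
    # Constructed flows: LAN host to a VPN client, LAN host to the Internet.
    for dst in ("10.10.10.20", "198.51.100.7"):
        print(dst, "ACL 2 NAT:", nat_applies(ACL_2, "10.0.0.5", dst),
              "| ACL 120 NAT:", nat_applies(ACL_120, "10.0.0.5", dst))
```

With the source-only ACL, replies from LAN hosts to VPN clients are translated to the Dialer0 address before encryption and no longer match the tunnel traffic; ACL 120 exempts that flow while still translating Internet-bound traffic.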
