How to see Lan after VPN tunnel is established

Unanswered Question
Jun 25th, 2010
User Badges:

After configuration VPN using L2TP on router users can connect to it.

But they can't connect to computers which are in the LAN after establishing the VPN tunnel.


How to do that?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jay Young Fri, 06/25/2010 - 12:03
User Badges:
  • Cisco Employee,

Patryk,


When you mean "see Lan" are you saying that you can't browse your network or getting the NetBIOS messages.  When you vpn the router puts a /32 entry in its table out the WAN interface.  As a result if you are broadcasting stuff on your LAN and even if your vpn address is within that subnet, you won't see any of those broadcast packets.  You should be able to ping (unicast) those computers though.


-Jay

pwolsza_wolfik1 Sat, 06/26/2010 - 00:13
User Badges:

To 'see' I mean to can't ping server which is inside.

I can't ping from the contecet client to internal server even when the connection is established.

Jay Young Mon, 06/28/2010 - 12:34
User Badges:
  • Cisco Employee,

Patryk,


Without more detailed information about the issue there is not much to say, but here a few things to check:


1)  The subnet mask on the ip address pool.  This could be configured wrong.

2)  In the L2TP config on the client do you have the "use this as a default gateway" box checked

3)  When you do a ping to the internal client do you see decapsulations in the output of "show crypto ipsec sa"

4)  Are you able to ping the router's inside interface?

pwolsza_wolfik1 Fri, 07/02/2010 - 12:59
User Badges:

Thank you for support.


The problem was routing between 2 routers in LAN.

After configuration static routing now I can ping server.


Anyway thank's for sugestions.

Actions

This Discussion