Easy VPN Server and Cisco VPN client

Unanswered Question
Oct 10th, 2005
User Badges:

I have configured a CISCO 836 router as an Easy VPN server. I'm using CIsco VPN client to establish VPN connections from two remote sites having ADSL modem with static IP. A static IP is configured on the router's external interface too. The internal interface of the router is connected to a LAN having the IP address 10.0.0.1


The problem is that although I manage to establish a connection and the router assigns an "internal" ip address (e.g. 10.0.0.201)to the client's interface it is impossible to connect to any other computer on the network except the router's internal interface.


I'm a begginer concerning VPNs and networking in general so I'm not familiar with CISCO IOS commands etc.


I would really appreciate any help on this.


Mamy thanks in advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
spremkumar Mon, 10/10/2005 - 23:44
User Badges:
  • Red, 2250 points or more

hi


can u check out the ACL part which has to permit both the lan blocks to have the communication established or else do post out the router side configurations here.


regds


panikos73 Tue, 10/11/2005 - 00:29
User Badges:

Hi spremkumar,


It's impossible to upload routers configuration and I can't send it as a message because it exceeds the maximum character number.


Is there any other way (e-mail maybe)?


Many thanks for yoyr time and your response.


Regards

Nikos Panagopoulos

panikos73 Tue, 10/11/2005 - 00:44
User Badges:

Hi spremkumar,


I've already sent you the running config of the router via e-mail.

panikos73 Thu, 10/13/2005 - 09:33
User Badges:

I fortunately found myself a solution. And here is what I did:



I was asking the router to assign an IP address to the VPN clients from a pool that it was a part of the network beyond the router (LAN: 10.0.0.0/24 and pool: 10.0.0.201 - .250). I assume that since there is no physical MAC address for the VPN client any request from it to the machines in the network beyond the router was coming from within their network but they could not found the machine to reply. Additionally since the request was from someone inside the same network they won’t ask their default gateway (the router) for translation.




So I tried to tell the router to assign the clients an IP address from a different pool and thing worked grate.


Many thanks to everyone who saw my post and especially to spremkumar.


Regards


Nikos Panagopoulos




Actions

This Discussion