Unable to access network devices after successful VPN

Unanswered Question
Fernando_Meza Wed, 07/05/2006 - 02:27
User Badges:
  • Gold, 750 points or more

hi ... are you connecting using cisco VPN client or a LAN to LAN VPN ..? there are few things you need to check in this type of situations.


1.- The devices terminating the VPN support NAT traversal and it is enabled.


2.- Make sure there are no access-list that could be blocking this communication.


3.- Make sure that the networks behind each VPN gateway know how to route to each other.



I hope it helps ... please rate it if it does !!!


leighharrison Sat, 07/08/2006 - 07:50
User Badges:
  • Gold, 750 points or more

Hey there,


This seems like a routing problem to me. Do a traceroute from your site to the new site and see where it goes, then do a trace from the new site back to you and see where that goes.


If it goes in the right direction, then have a look to see if the traffic is permitted down the tunnel, etc.


Happy hunting!


Regards,

LH


Please rate all posts

Hi there


If I have to do a traceroute from my site, it will be the site I vpn successfully to. I vpn in OK. but I can't access the devices within this new site. And the trace will be on the same site I'm on through VPn client.


Or do you mean to trace from this Public network I'm on to the private test network.


Dont seem to understand your statement, please explain further.


Regards.

BIC.

leighharrison Tue, 07/11/2006 - 02:45
User Badges:
  • Gold, 750 points or more

Hi there,


If you can't access the other site, there could be a couple of reasons. The traffic that you are sending might not be in the allowed traffic list, you might not be routing to it, or it might not be routing back.


To test the routing, do a trace route and see if it heads off to the new site as you would expect and see if it gets there or if/where it stops. You will also need to check that the remote site knows how to get back to you. For this do the same trace route from the remote site.


To test the allowed traffic, have a look at the node you've got the vpn set up on and make sure that your traffic is in the allowed/no nat list.


Regards,

LH


Please rate all posts

Actions

This Discussion