07-03-2006 04:57 PM - edited 02-21-2020 01:01 AM
We've successfully VPN into the other domain but we're unable to access the devices in that domain. What could be wrong?
07-05-2006 02:27 AM
hi ... are you connecting using cisco VPN client or a LAN to LAN VPN ..? there are few things you need to check in this type of situations.
1.- The devices terminating the VPN support NAT traversal and it is enabled.
2.- Make sure there are no access-list that could be blocking this communication.
3.- Make sure that the networks behind each VPN gateway know how to route to each other.
I hope it helps ... please rate it if it does !!!
07-06-2006 05:02 PM
Hi
I've done all the steps above but still unable to access or ping the devices.
please help.
bax.
07-08-2006 07:50 AM
Hey there,
This seems like a routing problem to me. Do a traceroute from your site to the new site and see where it goes, then do a trace from the new site back to you and see where that goes.
If it goes in the right direction, then have a look to see if the traffic is permitted down the tunnel, etc.
Happy hunting!
Regards,
LH
Please rate all posts
07-10-2006 05:12 PM
Hi there
If I have to do a traceroute from my site, it will be the site I vpn successfully to. I vpn in OK. but I can't access the devices within this new site. And the trace will be on the same site I'm on through VPn client.
Or do you mean to trace from this Public network I'm on to the private test network.
Dont seem to understand your statement, please explain further.
Regards.
BIC.
07-11-2006 02:45 AM
Hi there,
If you can't access the other site, there could be a couple of reasons. The traffic that you are sending might not be in the allowed traffic list, you might not be routing to it, or it might not be routing back.
To test the routing, do a trace route and see if it heads off to the new site as you would expect and see if it gets there or if/where it stops. You will also need to check that the remote site knows how to get back to you. For this do the same trace route from the remote site.
To test the allowed traffic, have a look at the node you've got the vpn set up on and make sure that your traffic is in the allowed/no nat list.
Regards,
LH
Please rate all posts
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: