Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

cisco Remote VPN issue while changing the VPN ip pool

Hi,

We have already implemented Cisco client VPN service on Cisco ASA. My Cisco VPN ip pool is configured 174.26.4.0/22 & My corporate network pool is 172.26.4.0/22. which is working perfectly.

My concern is VPN pool 174.26.4.0/22 is comes under public range so i want to change this pool into private range (172.30.100.0/24)

so i changed below configuration.

no access-list nonat extended permit ip 172.26.4.0 255.255.252.0 174.26.4.0 255.255.252.0
no ip local pool testpool 174.26.4.0-174.26.4.253

access-list nonat extended permit ip 172.26.4.0 255.255.252.0 172.30.100.0 255.255.255.0
ip local pool testpool 172.30.100.1-172.30.100.254

After changing, i am able to connect vpn & vpn machine got ip address 172.30.100.1.

during VPN connection, vpn machine (172.30.100.1) is pinging from corporate network & even take the remote also but from VPN machine (172.30.100.1) I am not able to ping corporate network.

For your information i have added the route on corp machine towards ASA inside which are earlier doing.

i am not able to understand where is my mistake?

I am attaching the existing config & public ip & natting of server command is removed for security purpose.

Please help us

Regards

vinod Gupta

9810966625

1 REPLY
New Member

Re: cisco Remote VPN issue while changing the VPN ip pool

Configure your ip pool as 172.26.4.1-172.26.4.50, you just need to get a chunk in your /22 network for you VPN client pools. Then you should be able to ping your corporate LAN.

Sent from Cisco Technical Support iPhone App

494
Views
0
Helpful
1
Replies
CreatePlease login to create content