Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN Split Tunneling

<br />I have 2 queries on RAS VPN connection.

<br />

<br />1. I have configured 2 PC's to connect to VPN server which are connected thru ADSL NAT connection. I have 2 VPN servers

<br />

<br />configures one as primary and another as backup. It seems like both the clients cannot connect to the same VPN server at a

<br />

<br />time. One goes to primary and another goes to secondary. I want both the PC's to connect to the same server. Whats is going

<br />

<br />wrong?

<br />

<br />

<br />2. I have my Remote Access VPN setup configured on Cisco VPN Concentrator. 2 VPN servers in the same segment.

<br />All the clients connect to internet and then connect to VPN server using Cisco VPN clients with out any issues.

<br />Once connected to VPN server they will get private IP to their VPN clients. Each VPN server will assign the IP's from unique

<br />

<br />subnets to the client.

<br />

<br />VPN Server1-----------Assgin client IP 10.0.0.0/255

<br />VPN Server2-----------Assgin client IP 11.0.0.0/255

<br />

<br />The LAN subnet ip of all the client is 192.168.2.0/24 and they are connected to the same switch without any VLAN's.

<br />

<br />Now some of my VPN clients need to connect to other VPN clients by their LAN IP when they are connected to VPN.

<br />

<br />I configured "Allow Local LAN Access" on VPN client and also on VPN server I enabled "Allow the networks in list to bypass

<br />

<br />the tunnel" and selected "VPN Cleint Local LAN"

<br />

<br />Even though all the clients are in the same subnet they cannot connect.

<br />

<br />When I checked the VPN Client Statistics it shows both Local LAN route 192.168.2.0/24 as well as Secured routes as 0.0.0.0

<br />

<br />Whats is going wrong with my setup?

I have followed the below link for configuration

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a00806f34e6.shtml

1 REPLY
Silver

Re: VPN Split Tunneling

It sounds like you are running in to a PAT limitation of this particular DSL device. If they utilize standards based NAT-T (as opposed to IPsec/UDP or ESP mode) or IPsec/TCP, both of these should be a workaround this problem.

146
Views
0
Helpful
1
Replies