I have a branch office with 1721 router (192.168.0.1) and a central office with 2611XM router (192.168.1.1). Also I have another 2611XM router (192.168.1.101) on the central office. I implemented VPN between VPN clients and the central office and also between the branch office and central office (192.168.1.1 router). CVPN clients can access remote Intranet (10.112.192.0/18) over the second 2611XM router (192.168.1.101) but clients from the branch office (192.168.0.0) cannot. Clients from 192.168.0.0/24 can ping 192.168.1.101 but cannot ping 10.112.192.0/18. Here are my two config file from the 1721 & 1st 2611XM. What do I have to do on my routers to access network 10.112.192.0/18. (Routers 192.168.1.101 has static route to 192.168.0.0 over 192.168.1.1. This router is not in my control. It makes another VPN to 10.112.192.0/18)
Current configuration : 2821 bytes
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
enable secret 5 $1$CJ.F$XtuSBlPaR7kaMkGvRw.eK0
enable password xxxxxxxx
username xxxxx password 0 xxxxxxxx
aaa authentication login userauthen local
aaa authorization network groupauthor local
aaa session-id common
ip audit notify log
ip audit po max-events 100
crypto isakmp policy 3
crypto isakmp policy 5
crypto isakmp key xxxxxxx address REMOTE PUBLIC IP ADDRESS no-xauth
From the first look at it, I would say that the routers in 10.112.192.0/18 don't know how to get back to 192.168.0.0/24. Of course, a trace would help more to identify where the failure is.
The interesting comment you make is: "CVPN clients can access remote Intranet (10.112.192.0/18) over the second 2611XM router (192.168.1.101)..." What address space do these CVPN clients belong to?? Are they accessing the same (specific) destinations as your branch is??
IP pool for CVPN clients is 10.1.1.100-10.1.1.200.
There are two situations: 1st: when I'm on the router 1721 (192.168.0.1) with Telnet I cannot ping from the router any host on LAN 192.168.1.0/24, also I cannot ping any host on LAN 192.168.0.0/24 from router 2611XM (192.168.1.1/24)when I'm with telnet on him. In the same time any host from these two LANs can ping each others. Is this OK?
2nd: when I make traceroute from a host on LAN 192.168.0.0/24 to 10.112.206.30 (a host on 10.112.119.0/18) I get just one hop (192.168.0.1).I said last time that I can ping 192.168.1.101 without problem.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...