Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

2821 VPN Client ACL and NAT woes - can't access internal LAN

I'm having trouble getting my configuration to work properly and I've spent countless hours researching with no luck.

This is a simple problem I hope. Once connected to the 2821 via the Cisco VPN Client (V5), I can access the router's LAN IP and even telnet into it without any problems but I cannot access any other IP's on the network.

I started using Virtual-Templates and I couldn't get it to work so I changed the config per articles and posts that I had been reading.

How can I make this configuration work? Do I have to use virtual-templates (or should I)?

Any help would be greatly appreciated!!!!

Thanks in advance

4 REPLIES

Re: 2821 VPN Client ACL and NAT woes - can't access internal LAN

Ryan,

The config supplied looks OK - have you compared it against the various types in in the below link??

http://www.cisco.com/en/US/customer/products/ps5854/prod_configuration_examples_list.html

also I did notice you are using a VPN pool ip subent that is different from the LAN subnet?

Do all other devices on the LAN have the routers ip address as a default gateway?? You might want to change the VPN ip pool to a subnet of the LAN ip range for testing to see if it is a simple routing issue?

HTH>

New Member

Re: 2821 VPN Client ACL and NAT woes - can't access internal LAN

I tested and it does work if I specify an IP pool on the LAN subnet, I'd like to keep the users on a different subnet though. Any Idea how I can make that work?

Thanks for your help!

New Member

Re: 2821 VPN Client ACL and NAT woes - can't access internal LAN

I think i'm going to use

http://www.cisco.com/en/US/customer/products/hw/routers/ps274/products_configuration_example09186a0080819289.shtml

as a guide and give it another shot.

Hopefully this works!

Re: 2821 VPN Client ACL and NAT woes - can't access internal LAN

Ryan,

This is not the solution you are looking for - if you have tested assinging the VPN users IP address in the same range as the LAN subnet - and this works? When you change the IP subnet to something differenet - and remote users can only access the router - the issue is not the VPN or router, the issue is your routing on the LAN.

Do you have another layer 3 routing device on your LAN? IS the default gateway on the servers & workstations point to the 2821 router?

HTH>

137
Views
8
Helpful
4
Replies