Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
174
Views
4
Helpful
1
Replies

Cannot connect to Internal network using vpn 3002 to vpn 3015

gaban
Level 1
Level 1

‎11-26-2002 04:42 PM - edited ‎02-21-2020 12:11 PM

I am configuring the vpn 3002 to connect to our VPN 3015 concentrator. I get authentication but I cannot ping or access our internal network. I can ping the private and public interface of the concentrator but that is all I can get to. How do I make the users behind the 3002 access our internal network.

Labels:
0 Helpful
1 Reply 1

gfullage
Cisco Employee
Cisco Employee

‎11-26-2002 06:19 PM

If you can ping the Private interface of the 3015 from behind the 3002 then your tunnel is up and you have a routing problem, in that your network behind the 3015 doesn't know how to get to the network behind the 3002.

You need to add a route onto your network behind the 3015, that defines the network behind the 3002 and points to the Private IP address of the 3015. Then redistribute that route throughout your network if necessary.

Also make sure that your 3015 has a static route on it for the network behind the 3002 pointing to the default gateway of the 3015 out the Public interface (although the fact you cna ping the Private interface of the 3015 means you do have this, or you just have a default gateway defined and no more specific route which is also fine).

Customers Also Viewed These Support Documents