After a good configuration, i can log to my VPN Concentrator 3005 thru the client using internet. But the problème is that : when i get access to internet via a LAN i can log to my vpn but no connexion to my remote LAN. I have to disable first my IP adress before getting access to the remote LAN. So question :
Is the VPN 3005 accept only connexion to the remote LAN throught a dial-up connexion or what config have to do ?
Is the problem that when your client is connected to a local LAN, you can establish a tunnel but can't ping anything over the VPN to teh remote LAN. If so, you're probably being NAT/PAT'd somewhere on the local LAN and this is dropping the IPSec packets. Try enabling IPSec over UDP in the concentrator group and on the client and see if that makes a difference.
If however, the remote LAN has the same IP address as your local LAN (in other words, your client PCs IP address is in the same subnet as the remote LAN you're trying to connect to), then this won't work. Microsoft PC's will always send packets for the remote LAN out the local NIC unencrypted cause it thinks the remote host is locally connected.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...