Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Internet -> ADLS Router ->LAN 1-> VPN -> LAN 2

our company Internetaccess looks like this:

Internet ->Zyxel ADSL Router -> Lan 1 -> Cisco PIX 501 Firewall -> Lan2

we have problem to built up a VPN Network Connection from the Internet to the Lan2

1. we can built up a VPN Connection from a CISCO client from the Internet. We receive a dyn. IP Adress from the LAN2 Subnet, But we can not Ping any computer within LAN2

2. From Lan 1 we can built up a VPN connection to Lan 2, works fine.

3. From ISP we receive a dyn. IP Address for the Zyxel ADSL Router which Routes it by setup SUA to the CISCO Firewall. works fine

4. From Lan 2 we have internet - Access, ok

5. From Lan 1 we have Internet - Access,ok

6. The access to Internet/Lan2 from Lan1 is not needed in the future, just for debugging issue.

Any help is really appreciated. Since we are struggeling with that since days. How does the routing needs to be setup?

thanks Chris

4 REPLIES
Anonymous
N/A

Re: Internet -> ADLS Router ->LAN 1-> VPN -> LAN 2

packets can be filtered using Access Control Lists (ACLs) to control what traffic enters and leaves a network. ACLs can be configured and applied in inbound and outbound directions on an interface for packet filtering. Inbound ACLs check the traffic entering the interface and outbound ACLs act on traffic leaving the interface.

Gold

Re: Internet -> ADLS Router ->LAN 1-> VPN -> LAN 2

verify the pix config whether the command below has been applied,

isakmp nat-traversal

New Member

Re: Internet -> ADLS Router ->LAN 1-> VPN -> LAN 2

thanks Jackko,

after I changed the ADSL router into bridge mode and followed your advise to enable nat-traversal it was working.

Gold

Re: Internet -> ADLS Router ->LAN 1-> VPN -> LAN 2

it's good to learn that the issue has been resolved.

according to cisco,

Why should I rate posts?

If you see a post that you think deserves recognition, please take a moment to rate it.

You'll be helping yourself and others to quickly identify useful content -- as determined by members. And you'll be ensuring that people who generously share their expertise are properly acknowledged. As posts are rated, the value of those ratings are accumulated as "points" and summarized on the Member Profile page and on each member's Preferences page.

270
Views
4
Helpful
4
Replies
CreatePlease login to create content