Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
511
Views
5
Helpful
4
Replies

NAT or ACL issue?

Go to solution
jeffreyhood
Level 1
Level 1

‎05-24-2007 02:11 AM - edited ‎02-20-2020 09:39 PM

Hello,

I have a Cisco 850 running 12.4(2) with an existing L2L tunnel to another Cisco router. I am trying to add remote access to the Cisco 850 and I'm having, what I believe, is an ACL or NAT issue. I can connect to the 850 with the VPN client and get an address from the pool, but I can not ping in the internal network. Any help is appreciated. Here is my config:

Labels:
Preview file
5 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
palomoj
Level 1
Level 1

‎05-24-2007 08:02 AM

Your NAT ACL 101 needs to deny IP from internal IP to remote VPN pool 10.2.199.x.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
palomoj
Level 1
Level 1

‎05-24-2007 08:02 AM

Your NAT ACL 101 needs to deny IP from internal IP to remote VPN pool 10.2.199.x.

0 Helpful

Go to solution
jeffreyhood
Level 1
Level 1
In response to palomoj

‎05-24-2007 04:36 PM

Palomoj,

Thanks, that has me pointed in the right direction. I can know get replies to ping, but the replies are coming from the external IP of the router, not the 10.203.0.0 devices I am pinging on the LAN. Any more suggestions? Thanks again.

0 Helpful

Go to solution
palomoj
Level 1
Level 1
In response to jeffreyhood

‎05-24-2007 09:15 PM

config t

access-list 111 permit ip 10.203.0.0 0.0.0.255

any

crypto isakmp client configuration group doctors

acl 111

Go to solution
jeffreyhood
Level 1
Level 1
In response to palomoj

‎05-25-2007 02:05 PM

Thanks Palomoi, that did it. Your help is appreciated.

0 Helpful
Customers Also Viewed These Support Documents