Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

NAT or ACL issue?

Hello,

I have a Cisco 850 running 12.4(2) with an existing L2L tunnel to another Cisco router. I am trying to add remote access to the Cisco 850 and I'm having, what I believe, is an ACL or NAT issue. I can connect to the 850 with the VPN client and get an address from the pool, but I can not ping in the internal network. Any help is appreciated. Here is my config:

1 ACCEPTED SOLUTION

Accepted Solutions
Community Member

Re: NAT or ACL issue?

Your NAT ACL 101 needs to deny IP from internal IP to remote VPN pool 10.2.199.x.

4 REPLIES
Community Member

Re: NAT or ACL issue?

Your NAT ACL 101 needs to deny IP from internal IP to remote VPN pool 10.2.199.x.

Community Member

Re: NAT or ACL issue?

Palomoj,

Thanks, that has me pointed in the right direction. I can know get replies to ping, but the replies are coming from the external IP of the router, not the 10.203.0.0 devices I am pinging on the LAN. Any more suggestions? Thanks again.

Community Member

Re: NAT or ACL issue?

config t

access-list 111 permit ip 10.203.0.0 0.0.0.255

any

crypto isakmp client configuration group doctors

acl 111

Community Member

Re: NAT or ACL issue?

Thanks Palomoi, that did it. Your help is appreciated.

100
Views
5
Helpful
4
Replies
CreatePlease to create content