Our internal network is 10.10.1.0/24 and is accessible via VPN clients (VPN Client 4.0) connecting to a PIX. When connected, the client receives a remote IP address in the range 10.10.10.0/24. One of our users is currently located in an office that also uses 10.10.1.0/24. This person can connect to the VPN endpoint, but cannot access anything on our network. Presumably all his traffic is being directed onto his local network and not being encrypted and sent to the VPN gateway?
Am I correct that there's no way for this person to access our 10.10.1.0/24 network since he's on a conflicting network? Does the "Allow Local LAN Access" setting in the client have any affect?
Can you provide more details? What configuration changes would permit the remote VPN user to access our 10.10.1.0 network (behind our PIX) even though he's on another 10.10.1.0 network (another company's internal network)?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...