Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

PIX 506E VPN caan connect, but no LAN

Heelo, We have a 506E with 6.3(3). we want to use Cisco VPN clinet to connect and can do so, but cannot ping on the LAN or connect to the servers...Need help wih the configurations as we are novices perhaps..Can someone look at the attached config. and see if we overlooked something...Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Green

Re: PIX 506E VPN caan connect, but no LAN

Change your pool to something outside of 192.168.2.0/24.

ip local pool vpnpool 192.168.x.60-192.168.x.63

Then add a nat exemption acl for this network.

access-list nonat permit ip 192.168.2.0 255.255.255.0 192.168.x.0 255.255.255.0

nat (inside) 0 access-list nonat

Then, also change your split tunnel acl to reflect the new pool

access-list SplitTunnel permit ip 192.168.2.0 255.255.255.0 192.168.x.0 255.255.255.0

2 REPLIES
Green

Re: PIX 506E VPN caan connect, but no LAN

Change your pool to something outside of 192.168.2.0/24.

ip local pool vpnpool 192.168.x.60-192.168.x.63

Then add a nat exemption acl for this network.

access-list nonat permit ip 192.168.2.0 255.255.255.0 192.168.x.0 255.255.255.0

nat (inside) 0 access-list nonat

Then, also change your split tunnel acl to reflect the new pool

access-list SplitTunnel permit ip 192.168.2.0 255.255.255.0 192.168.x.0 255.255.255.0

New Member

Re: PIX 506E VPN caan connect, but no LAN

Thanks very much...That did the trick!

140
Views
0
Helpful
2
Replies
CreatePlease to create content