Not sure what's going on here. We have one internal network at our location: 192.168.1.0/24. Pretty standard, I suppose.
Anyhow, we have a Pix 501 handling our firewall and VPN needs. The VPN assign's remote clients addresses from the 192.168.2.0/24 range.
Our Windows clients don't have a problem with this setup. For instance, when I connect from home using my XP SP2 setup, I am assigned an address of 192.168.2.209. I can communicate just fine with all machines on the 192.168.1.0/24 network without an issue.
Now, on to the OS X (v10.3.9) install. I've got the client installed (v4.8) on the machine just fine. Configured the client to connect and everything goes well. I get a connection and I am assigned an IP address from the 192.168.2.0/24 range.
My problems start when I try and access any machines on our local network, 192.168.1.0/24. I can't get anything out of them. They don't respond to pings or any other protocol. Interestingly enough, I can communicate with one adress only, 192.168.1.100.
I can only assume something is off with the routing on the VPN side here. Why can I only communicate with 192.168.1.100 and all other addresses are unreachable? I'm hoping it is a configuration issue with the client that can be resolved easily, as I don't have direct access to the Pix 501 to configure it.
Am I doing something wrong on the client end or do I need to smack my boss upside his head and have him configure the VPN differently?
Do not forget to save the policy when you are finished configuring. Open up a DOS window and ping a known host on the inside network of the PIX in order to initiate the tunnel from the client. You receive an Internet Control Message Protocol (ICMP) unreachable message from the first ping as it tries to negotiate the tunnel.For more information refer to following url:
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :