Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member


My network is as follows beginning on the inside.


Private LAN - int fa 0/0

Outside int - int fa 0/1


Inside int - fa 0/0

Outside int - fa 0/1

Comcast Internet inside

What I want to do is be able to allow my VPN users access to the private LAN, network. VPN users, which get addresses in the range, are able to connect and access anything in the network, but not beyond. I've added a route for the network to look at the PIX's inside interface for that network, but no help. Am I missing a NAT config? Do I need NAT from outside to inside on my router to make this work, or am I missing some additional routing confiuration?

Thank you


Re: setup


From your post i understand that you have remote vpn users who log into your 2811 and gets connected to your local lan.

If thts the case can you revert where the pix comes in picture ? or else are you talking about the local lan behind the pix is establishing the VPN ?

If possible do post out the config of the 2811 router with the public ip and passwds masked ..


New Member

Re: setup

Actually, remote vpn users connect to the PIX, which is uplinked to a 2811 router, which then leads to my LAN. Also, one of my 2811's serial interfaces is connected to a frame relay network, and the other to a point to point, which you'll see in the config.

thank you

The config of the router and PIX are attached.

CreatePlease login to create content