Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
244
Views
0
Helpful
2
Replies

Spoke to Spokle with ezVPN?

Go to solution
society-gmbh
Level 1
Level 1

‎11-28-2006 01:59 AM - edited ‎03-09-2019 04:57 PM

Hello,

I would like to link two external "places" via a central VPN 3030 Concentrator.

One of them is a complete Network connected to the VPN Concentrator in the Main Office with a Cisco 836(ezVPN with Network-extension) Mode.

The other is a Notebook with a Cisco VPN Client Software also connected to the VPN Concentrator in the Main office.

Now I would like the Notebook to be able to access a Server in the Network behind the Cisco 836, but it does not work.

Both VPN Tunnels are okay and working. I can access servers in the private Network of the VPN Concentrator from both externals.

Just the Spoke-to-Spoke does not work.

Can anyone please help ?

Thankx a lot.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ggilbert
Cisco Employee
Cisco Employee

‎11-28-2006 09:34 AM

Hello,

Things to check

1. What is your "tunnel default gateway" on the concentrator set to? If it is set to something on your internal network of the concentrator, you would need to create a filter to override tunnel default gateway (TDG) and apply the filter to the group settings for the VPN client.

2. Are you doing split tunneling for the EzVPN? If so, make sure you are passing down the VPN client network pool in the Network list to be tunneled for the 836.

Also, TDG filter has to be created for the EzVPN group.

- Rate it, if it helps -

View solution in original post

0 Helpful
2 Replies 2

Go to solution
ggilbert
Cisco Employee
Cisco Employee

‎11-28-2006 09:34 AM

Hello,

Things to check

1. What is your "tunnel default gateway" on the concentrator set to? If it is set to something on your internal network of the concentrator, you would need to create a filter to override tunnel default gateway (TDG) and apply the filter to the group settings for the VPN client.

2. Are you doing split tunneling for the EzVPN? If so, make sure you are passing down the VPN client network pool in the Network list to be tunneled for the 836.

Also, TDG filter has to be created for the EzVPN group.

- Rate it, if it helps -

0 Helpful

Go to solution
society-gmbh
Level 1
Level 1
In response to ggilbert

‎11-29-2006 12:34 AM

Thank you so much..

The tip with the Tunnel Default Gateway helped solve the Problem..

I was so blind.. I checked everything from Routing Tables to ACL Settings and more but didn ?t see that Tunnel Default Gateway.

I remove the Tunnel Default Gateway entry (as I don?t really need it) and now it works fine.

Thank you so much...

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents