Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
580
Views
0
Helpful
3
Replies

VPN Client cannot ping each other

aqswdefrgt
Level 1
Level 1

‎01-02-2006 05:17 PM - edited ‎02-21-2020 02:10 PM

I am using PIX 501 version 6.3. Currently I am facing a problem regarding the VPN Client. When VPN Client A and B connected to the VPN, they will be given an IP address from the range of 192.168.2.100-192.168.2.200. But VPN Client A cannot ping B or gain access to B VNC. Neither can B do the same to A. Is it that I must add an access-list to allow VPN Client to ping each other? Please Help....

Labels:
0 Helpful
3 Replies 3

attrgautam
Level 5
Level 5

‎01-02-2006 08:32 PM

Doubt if you can do it. Packets coming through an interface cannot go out through the same interface (unless it is V7). Explains why you cant ping A to B.

0 Helpful

gfullage
Cisco Employee
Cisco Employee

‎01-02-2006 08:33 PM

The problem is that you're using a PIX as the head-end device. The PIX specifically will not route a packet back out the same interface it came in on, that includes VPN packets from one client going back out the same interface to another VPN client. There is unfortunately no way around it, sorry.

0 Helpful

BRIAN SEKLECKI
Level 1
Level 1
In response to gfullage

‎04-12-2007 06:20 AM

Thank you for your definative answer. I'm was pretty sure that I had gotten off the boat and gone up river all the way.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents