Hey all...I was reading through the forums, but couldn't find any pre-existing posts describing the problems I'm having. Has anybody run into the following situation before?
I have a Cisco 1721 router with a pre-existing IKE LAN-to-LAN tunnel with another location. I configured it the other day for remote access VPN client logins.
Here's the situation: Cisco VPN clients can connect with no problem from anywhere. An IP address gets assigned. I can even ping LAN addresses at the location being connected to.
I'm having two problems:
(1) Not all LAN addresses are pingable all the time. For instance, one minute, I will be able to ping 10.1.18.1, but not 10.1.19.1. Then next minute, I might be able to ping 10.1.19.1, but NOT 10.1.18.1. The LAN segment is pretty large (10.1.16.0 255.255.252.0)
(2) Except for pings, I am unable to make any sort of connection to our servers onsite (VNC, Remote Desktop, etc). I can't find any problems with the access-lists that might cause this problem.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...