Has anyone had this problem or know a work around?
I have a client who has an Altiga 3005 vpn concentrator. Their inside ip subnet at the home office is 172.16.1.x. If one of the employees goes to a customer who also has a 172.16.1.x inside subnet the connection does not work properly.
The vpn client connects and logs the user in, however the user cannot ping anything back at the home office (the vpn client does not seem to try to send this through the ipsec tunnel). However, the user cannot ping his local default gateway at his customer or any machines on that subnet.
Hence, the user cannot connect to his NT/2000 shares.
Split tunneling is turned off on the Altiga as is Local Lan access on the vpn client. When the user attempts to connect to the internet through his vpn connection, is DOES work, going through his home office's PIX.
If the user goes to a customer who uses say a 10.1.1.x network, all works well.
IP parkets can only be routed to the specified default gateway when there is no specific route in the routing table. In the scenerio, you pointed out, traffics destined for 172.16.1.x, would naturally be routed to the inside subnet. Traffics to other subnets would go, cos they would be directed to the default gateway, which will point them to your home office, that explain why the internet browsing is working.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :