You will want to modify your NAT overload rule so that the return traffic from the 192.168.100.0/24->192.168.112.0/24 subnets is exempt from NAT. To accomplish this, you can configure an extended ACL similar to the one below. You will then associate this ACL to the NAT overload configuration.
ip access-list extended OVERLOAD deny ip 192.168.100.0 0.0.0.255 192.168.112.0 0.0.0.255
permit ip 192.168.100.0 0.0.0.255 any
no ip nat inside source list 1 interface FastEthernet4 overload
ip nat inside source list OVERLOAD interface FastEthernet4 overload
thankx for the Idea with the NAT Exemption I tried that before but it did not work. I tried it again now, but the VPN still does not work as it should.
When I traceroute from an Server Inside (behind the Router) to the VPN-Clients Network (192.168.112.0) I see that the trace does not get translated to the Internet anymore. But also it does not reach the connected VPN-Client:
Routenverfolgung zu 192.168.112.1 über maximal 30 Abschnitte
1 <1 ms <1 ms <1 ms 126.96.36.199 2 * * * Zeitüberschreitung der Anforderung. 3 * * * Zeitüberschreitung der Anforderung. 4 * * * Zeitüberschreitung der Anforderung. 5 ^C
And vice versa I cannot reach that server from the connected VPN client.
Any other ideas what the cause of the Problem might be.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...