Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

VPN Client to VPN 3000 series Concentrator, PIX Firewall, or IOS router - Cannot ping internal subnet

Core issue

The VPN Client is able to establish the VPN tunnel, but it cannot ping an internal subnet that is not directly connected to the VPN Gateway (that is, a VPN Concentrator, PIX Firewall, or IOS router). This is caused by an internal routing issue or by internal devices blocking return traffic to the VPN device.


  1. Verify that all layer 3 devices in the path behind the VPN Gateway device have the correct route to the VPN Client subnet.
  2. Verify that the VPN Client subnet does not conflict with other subnets on the internal network.
  3. Verify that none of the networking devices have an access list that is blocking the traffic.
Version history
Revision #:
1 of 1
Last update:
‎06-22-2009 03:31 PM
Updated by:
Labels (1)